CVE-2024-49385
published 2025-01-02CVE-2024-49385: Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis True Image (Windows) before build 41736…
PriorityP423medium5.5CVSS 3.0
AVLACLPRLUINSUCHINAN
EPSS
0.15%
4.4th percentile
Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis True Image (Windows) before build 41736, Acronis True Image OEM (Windows) before build 42575.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| acronis | acronis_true_image | >= unspecified < 41736 | 41736 |
| acronis | acronis_true_image_oem | >= unspecified < 42575 | 42575 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
Acronis True Image up to 41396 on Windows permission assignment
vuldb·2026-04-15·CVSS 5.5
CVE-2024-49385 [MEDIUM] Acronis True Image up to 41396 on Windows permission assignment
A vulnerability, which was classified as problematic, has been found in Acronis True Image up to 41396 on Windows. Affected by this vulnerability is an unknown functionality. The manipulation leads to incorrect permission assignment.
This vulnerability is documented as CVE-2024-49385. The attack needs to be performed locally. There is not any exploit available.
It is advisable to upgrade the affected component.
GHSA
GHSA-322v-gpc6-pf9f: Sensitive information disclosure due to insecure folder permissions
ghsa_unreviewed·2025-01-02
CVE-2024-49385 [MEDIUM] CWE-732 GHSA-322v-gpc6-pf9f: Sensitive information disclosure due to insecure folder permissions
Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis True Image (Windows) before build 41736.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-01-02
Published