Acronis Agent vulnerabilities
25 known vulnerabilities affecting acronis/acronis_agent.
Total CVEs
25
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH17MEDIUM8
Vulnerabilities
Page 1 of 2
CVE-2022-45451P3HIGHCVSS 7.8≥ unspecified, < 306002023-08-31
CVE-2022-45451 [HIGH] CWE-269 CVE-2022-45451: Local privilege escalation due to insecure driver communication port permissions. The following prod
Local privilege escalation due to insecure driver communication port permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40173, Acronis Agent (Windows) before build 30600, Acronis Cyber Protect 15 (Windows) before build 30984.
nvd
CVE-2022-45450P3HIGHCVSS 7.5≥ unspecified, < 286102023-05-18
CVE-2022-45450 [HIGH] CWE-285 CVE-2022-45450: Sensitive information disclosure and manipulation due to improper authorization. The following produ
Sensitive information disclosure and manipulation due to improper authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 28610, Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 30984.
nvd
CVE-2022-45458P3HIGHCVSS 7.5≥ unspecified, < 296332023-05-18
CVE-2022-45458 [HIGH] CWE-295 CVE-2022-45458: Sensitive information disclosure and manipulation due to improper certification validation. The foll
Sensitive information disclosure and manipulation due to improper certification validation. The following products are affected: Acronis Agent (Windows, macOS, Linux) before build 29633, Acronis Cyber Protect 15 (Windows, macOS, Linux) before build 30984.
nvd
CVE-2023-41742P3HIGHCVSS 7.5≥ unspecified, < 304302023-08-31
CVE-2023-41742 [HIGH] CWE-1327 CVE-2023-41742: Excessive attack surface due to binding to an unrestricted IP address. The following products are af
Excessive attack surface due to binding to an unrestricted IP address. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 30430, Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 35979.
nvd
CVE-2022-45457P3HIGHCVSS 7.5≥ unspecified, < 296332023-05-18
CVE-2022-45457 [HIGH] CWE-295 CVE-2022-45457: Sensitive information disclosure and manipulation due to improper certification validation. The foll
Sensitive information disclosure and manipulation due to improper certification validation. The following products are affected: Acronis Agent (Windows) before build 29633, Acronis Cyber Protect 15 (Windows) before build 30984.
nvd
CVE-2022-24113P3HIGHCVSS 7.8≥ unspecified, < 271472022-02-04
CVE-2022-24113 [HIGH] CWE-250 CVE-2022-24113: Local privilege escalation due to excessive permissions assigned to child processes. The following p
Local privilege escalation due to excessive permissions assigned to child processes. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27147, Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287
nvd
CVE-2021-34800P3HIGHCVSS 7.5≥ unspecified, < 271472021-11-29
CVE-2021-34800 [HIGH] CWE-532 CVE-2021-34800: Sensitive information could be logged. The following products are affected: Acronis Agent (Windows,
Sensitive information could be logged. The following products are affected: Acronis Agent (Windows, Linux, macOS) before build 27147
nvd
CVE-2021-44204P3HIGHCVSS 7.8≥ unspecified, < 271472022-02-04
CVE-2021-44204 [HIGH] CWE-285 CVE-2021-44204: Local privilege escalation via named pipe due to improper access control checks. The following produ
Local privilege escalation via named pipe due to improper access control checks. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27147, Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287
nvd
CVE-2022-45452P3HIGHCVSS 7.8≥ unspecified, < 304302023-05-18
CVE-2022-45452 [HIGH] CWE-269 CVE-2022-45452: Local privilege escalation due to insecure folder permissions. The following products are affected:
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Agent (Windows) before build 30430, Acronis Cyber Protect 15 (Windows) before build 30984.
nvd
CVE-2022-45455P3HIGHCVSS 7.8≥ unspecified, < 300252023-02-13
CVE-2022-45455 [HIGH] CWE-459 CVE-2022-45455: Local privilege escalation due to incomplete uninstallation cleanup. The following products are affe
Local privilege escalation due to incomplete uninstallation cleanup. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40107, Acronis Agent (Windows) before build 30025, Acronis Cyber Protect 15 (Windows) before build 30984.
nvd
CVE-2023-41744P3HIGHCVSS 7.8≥ unspecified, < 306002023-08-31
CVE-2023-41744 [HIGH] CWE-347 CVE-2023-41744: Local privilege escalation due to unrestricted loading of unsigned libraries. The following products
Local privilege escalation due to unrestricted loading of unsigned libraries. The following products are affected: Acronis Agent (macOS) before build 30600, Acronis Cyber Protect 15 (macOS) before build 35979.
nvd
CVE-2022-30990P3HIGHCVSS 7.5≥ unspecified, < 280372022-05-18
CVE-2022-30990 [HIGH] CWE-200 CVE-2022-30990: Sensitive information disclosure due to insecure folder permissions. The following products are affe
Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Cyber Protect 15 (Linux) before build 29240, Acronis Agent (Linux) before build 28037
nvd
CVE-2023-41749P3HIGHCVSS 7.5≥ unspecified, < 320472023-08-31
CVE-2023-41749 [HIGH] CWE-200 CVE-2023-41749: Sensitive information disclosure due to excessive collection of system information. The following pr
Sensitive information disclosure due to excessive collection of system information. The following products are affected: Acronis Agent (Windows) before build 32047, Acronis Cyber Protect 15 (Windows) before build 35979.
nvd
CVE-2022-45459P3HIGHCVSS 7.5≥ unspecified, < 300252023-05-18
CVE-2022-45459 [HIGH] CWE-200 CVE-2022-45459: Sensitive information disclosure due to insecure registry permissions. The following products are af
Sensitive information disclosure due to insecure registry permissions. The following products are affected: Acronis Agent (Windows) before build 30025, Acronis Cyber Protect 15 (Windows) before build 30984.
nvd
CVE-2022-45454P3HIGHCVSS 7.5fixed in 301612023-02-13
CVE-2022-45454 [HIGH] CWE-200 CVE-2022-45454: Sensitive information disclosure due to insecure folder permissions. The following products are affe
Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Agent (Windows) before build 30161, Acronis Cyber Protect 15 (Windows) before build 30984.
nvd
CVE-2022-45456P3HIGHCVSS 7.5≥ unspecified, < 301612023-04-26
CVE-2022-45456 [HIGH] CWE-287 CVE-2022-45456: Denial of service due to unauthenticated API endpoint. The following products are affected: Acronis
Denial of service due to unauthenticated API endpoint. The following products are affected: Acronis Agent (Windows, macOS, Linux) before build 30161.
nvd
CVE-2023-44212P4HIGHCVSS 7.1≥ unspecified, < 314772023-10-05
CVE-2023-44212 [HIGH] CWE-862 CVE-2023-44212: Sensitive information disclosure and manipulation due to missing authorization. The following produc
Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 31477.
nvd
CVE-2023-4688P4MEDIUMCVSS 5.5≥ unspecified, < 354332023-08-31
CVE-2023-4688 [MEDIUM] CWE-532 CVE-2023-4688: Sensitive information leak through log files. The following products are affected: Acronis Agent (Li
Sensitive information leak through log files. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 35433.
nvd
CVE-2023-45245P4MEDIUMCVSS 5.5≥ unspecified, < 361192023-10-06
CVE-2023-45245 [MEDIUM] CWE-862 CVE-2023-45245: Sensitive information disclosure due to missing authorization. The following products are affected:
Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 36119.
nvd
CVE-2023-41745P4MEDIUMCVSS 5.5≥ unspecified, < 309912023-08-31
CVE-2023-41745 [MEDIUM] CWE-200 CVE-2023-41745: Sensitive information disclosure due to excessive collection of system information. The following pr
Sensitive information disclosure due to excessive collection of system information. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 30991, Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 35979.
nvd
1 / 2Next →