Acronis Cyber Protect Home Office vulnerabilities
22 known vulnerabilities affecting acronis/acronis_cyber_protect_home_office.
Total CVEs
22
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH18MEDIUM3
Vulnerabilities
Page 1 of 2
CVE-2023-44208P3CRITICALCVSS 9.1≥ unspecified, < 407132023-10-04
CVE-2023-44208 [CRITICAL] CWE-862 CVE-2023-44208: Sensitive information disclosure and manipulation due to missing authorization. The following produc
Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40713, Acronis True Image OEM (Windows) before build 42575.
nvd
CVE-2022-45451P3HIGHCVSS 7.8≥ unspecified, < 401732023-08-31
CVE-2022-45451 [HIGH] CWE-269 CVE-2022-45451: Local privilege escalation due to insecure driver communication port permissions. The following prod
Local privilege escalation due to insecure driver communication port permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40173, Acronis Agent (Windows) before build 30600, Acronis Cyber Protect 15 (Windows) before build 30984.
nvd
CVE-2023-41743P3HIGHCVSS 7.8≥ unspecified, < 402782023-08-31
CVE-2023-41743 [HIGH] CWE-269 CVE-2023-41743: Local privilege escalation due to insecure driver communication port permissions. The following prod
Local privilege escalation due to insecure driver communication port permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40278, Acronis Cyber Protect Cloud Agent (Windows) before build 31637, Acronis Cyber Protect 15 (Windows) before build 35979, Acronis True Image OEM (Windows) before build 42575
nvd
CVE-2023-5042P3HIGHCVSS 7.5≥ unspecified, < 407132023-09-20
CVE-2023-5042 [HIGH] CWE-276 CVE-2023-5042: Sensitive information disclosure due to insecure folder permissions. The following products are affe
Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40713, Acronis True Image OEM (Windows) before build 42575.
nvd
CVE-2022-46869P3HIGHCVSS 7.8≥ unspecified, < 402782023-08-31
CVE-2022-46869 [HIGH] CWE-610 CVE-2022-46869: Local privilege escalation during installation due to improper soft link handling. The following pro
Local privilege escalation during installation due to improper soft link handling. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40278, Acronis True Image OEM (Windows) before build 42575.
nvd
CVE-2022-24113P3HIGHCVSS 7.8≥ unspecified, < 396122022-02-04
CVE-2022-24113 [HIGH] CWE-250 CVE-2022-24113: Local privilege escalation due to excessive permissions assigned to child processes. The following p
Local privilege escalation due to excessive permissions assigned to child processes. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27147, Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287
nvd
CVE-2021-44204P3HIGHCVSS 7.8≥ unspecified, < 396122022-02-04
CVE-2021-44204 [HIGH] CWE-285 CVE-2021-44204: Local privilege escalation via named pipe due to improper access control checks. The following produ
Local privilege escalation via named pipe due to improper access control checks. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27147, Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287
nvd
CVE-2022-44747P3HIGHCVSS 7.8fixed in 401072022-11-07
CVE-2022-44747 [HIGH] CWE-610 CVE-2022-44747: Local privilege escalation due to improper soft link handling. The following products are affected:
Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40107.
nvd
CVE-2022-46868P3HIGHCVSS 7.8≥ unspecified, < 401732023-08-31
CVE-2022-46868 [HIGH] CWE-610 CVE-2022-46868: Local privilege escalation during recovery due to improper soft link handling. The following product
Local privilege escalation during recovery due to improper soft link handling. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40173.
nvd
CVE-2022-45455P3HIGHCVSS 7.8≥ unspecified, < 401072023-02-13
CVE-2022-45455 [HIGH] CWE-459 CVE-2022-45455: Local privilege escalation due to incomplete uninstallation cleanup. The following products are affe
Local privilege escalation due to incomplete uninstallation cleanup. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40107, Acronis Agent (Windows) before build 30025, Acronis Cyber Protect 15 (Windows) before build 30984.
nvd
CVE-2022-4418P3HIGHCVSS 7.8≥ unspecified, < 402082023-05-18
CVE-2022-4418 [HIGH] CWE-347 CVE-2022-4418: Local privilege escalation due to unrestricted loading of unsigned libraries. The following products
Local privilege escalation due to unrestricted loading of unsigned libraries. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40208.
nvd
CVE-2023-48677P3HIGHCVSS 7.8≥ unspecified, < 409012023-12-12
CVE-2023-48677 [HIGH] CWE-427 CVE-2023-48677: Local privilege escalation due to DLL hijacking vulnerability. The following products are affected:
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40901, Acronis Cyber Protect Cloud Agent (Windows) before build 39378, Acronis Cyber Protect 16 (Windows) before build 39938, Acronis True Image OEM (Windows) before build 42575.
nvd
CVE-2022-44733P3HIGHCVSS 7.8fixed in 399002022-11-07
CVE-2022-44733 [HIGH] CWE-269 CVE-2022-44733: Local privilege escalation due to insecure folder permissions. The following products are affected:
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 39900.
nvd
CVE-2022-24115P3HIGHCVSS 7.8≥ unspecified, < 396052022-02-04
CVE-2022-24115 [HIGH] CWE-347 CVE-2022-24115: Local privilege escalation due to unrestricted loading of unsigned libraries. The following products
Local privilege escalation due to unrestricted loading of unsigned libraries. The following products are affected: Acronis Cyber Protect Home Office (macOS) before build 39605, Acronis True Image 2021 (macOS) before build 39287
nvd
CVE-2022-44732P3HIGHCVSS 7.8fixed in 399002022-11-07
CVE-2022-44732 [HIGH] CWE-269 CVE-2022-44732: Local privilege escalation due to insecure folder permissions. The following products are affected:
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 39900.
nvd
CVE-2021-44205P4HIGHCVSS 7.3≥ unspecified, < 396122022-02-04
CVE-2021-44205 [HIGH] CWE-427 CVE-2021-44205: Local privilege escalation due to DLL hijacking vulnerability. The following products are affected:
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287
nvd
CVE-2021-44206P4HIGHCVSS 7.3≥ unspecified, < 396122022-02-04
CVE-2021-44206 [HIGH] CWE-427 CVE-2021-44206: Local privilege escalation due to DLL hijacking vulnerability in Acronis Media Builder service. The
Local privilege escalation due to DLL hijacking vulnerability in Acronis Media Builder service. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287
nvd
CVE-2022-44744P4HIGHCVSS 7.3fixed in 401072022-11-07
CVE-2022-44744 [HIGH] CWE-427 CVE-2022-44744: Local privilege escalation due to DLL hijacking vulnerability. The following products are affected:
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40107.
nvd
CVE-2022-24114P4HIGHCVSS 7.0≥ unspecified, < 396052022-02-04
CVE-2022-24114 [HIGH] CWE-362 CVE-2022-24114: Local privilege escalation due to race condition on application startup. The following products are
Local privilege escalation due to race condition on application startup. The following products are affected: Acronis Cyber Protect Home Office (macOS) before build 39605, Acronis True Image 2021 (macOS) before build 39287
nvd
CVE-2022-44745P4MEDIUMCVSS 5.5fixed in 401072022-11-07
CVE-2022-44745 [MEDIUM] CWE-532 CVE-2022-44745: Sensitive information leak through log files. The following products are affected: Acronis Cyber Pro
Sensitive information leak through log files. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40107.
nvd
1 / 2Next →