CVE-2023-41743
8.8
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Summary
Local privilege escalation due to insecure driver communication port permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40278, Acronis Cyber Protect Cloud Agent (Windows) before build 31637, Acronis Cyber Protect 15 (Windows) before build 35979, Acronis True Image OEM (Windows) before build 42575.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Acronis | Acronis Cyber Protect Home Office | unspecified < 40278 | affected |
| Acronis | Acronis Cyber Protect Cloud Agent | unspecified < 31637 | affected |
| Acronis | Acronis Cyber Protect 15 | unspecified < 35979 | affected |
| Acronis | Acronis True Image OEM | unspecified < 42575 | affected |
Weaknesses
- CWE-269: CWE-269
ADP Enrichment
CVE Program Container
Additional References
- https://security-advisory.acronis.com/advisories/SEC-5487
- https://security-advisory.acronis.com/SEC-4858
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
- https://security-advisory.acronis.com/advisories/SEC-5487
- https://security-advisory.acronis.com/SEC-4858
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.