CVE-2024-55542

Summary

Local privilege escalation due to excessive permissions assigned to Tray Monitor service. The following products are affected: Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 39169, Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 35895.

Affected Software

VendorProductVersion RangeStatus
AcronisAcronis Cyber Protect 16unspecified < 39169affected
AcronisAcronis Cyber Protect Cloud Agentunspecified < 35895affected

Weaknesses

  • CWE-266: CWE-266

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References