Versio.io

CVE-2022-24113

Common vulnerabilities & exposures (CVE)

CVE databaseCVE database blogpostRelease & EoL database
 
Published at: - 05-02-2022 12:15
Last modified: - 11-02-2022 04:13
Total changes: - 2

Description

Local privilege escalation due to excessive permissions assigned to child processes. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27147, Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Low
Attack complexity
Local
Attack vector
High
Availability
High
Confidentiality
High
Integrity
Low
Privileges required
Unchanged
Scope
None
User interaction
7.8
Base score
1.8
5.9
Exploitability score
Impact score
 

Verification logic

OR
AND
OR
vendor=acronis AND product=agent AND versionEndExcluding=c21.06
vendor=acronis AND product=cyber_protect AND version=15 AND update=-
vendor=acronis AND product=cyber_protect AND version=15 AND update=update1
vendor=acronis AND product=cyber_protect AND version=15 AND update=update2
vendor=acronis AND product=cyber_protect_home_office AND version=-
OR
vendor=microsoft AND product=windows AND version=-
OR
vendor=acronis AND product=true_image AND version=2021 AND update=- AND target_software=windows
vendor=acronis AND product=true_image AND version=2021 AND update=update_1 AND target_software=windows
vendor=acronis AND product=true_image AND version=2021 AND update=update_2 AND target_software=windows
vendor=acronis AND product=true_image AND version=2021 AND update=update_3 AND target_software=windows
vendor=acronis AND product=true_image AND version=2021 AND update=update_4 AND target_software=windows
vendor=acronis AND product=true_image AND version=2021 AND update=update_5 AND target_software=windows
 

Reference

 


Keywords

NVD

 

CVE-2022-24113

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures

 

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.