Local Privilege Escalation in Acronis True Image for macOS
CVE-2020-25736
7.8HIGH
Summary
A vulnerability exists in Acronis True Image on macOS that allows local privilege escalation due to an insecurely configured XPC service. This misconfiguration enables a local attacker to exploit this weakness to gain elevated privileges, potentially compromising system integrity and user data. Users of Acronis True Image 2019 update 1 through 2021 update 1 are particularly at risk and are advised to take appropriate measures to secure their systems.
References
CVSS V3.1
Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved