Local Privilege Escalation in Acronis True Image for macOS
CVE-2020-25736

7.8HIGH

Key Information:

Vendor
Acronis
Vendor
CVE Published:
15 July 2021

Summary

A vulnerability exists in Acronis True Image on macOS that allows local privilege escalation due to an insecurely configured XPC service. This misconfiguration enables a local attacker to exploit this weakness to gain elevated privileges, potentially compromising system integrity and user data. Users of Acronis True Image 2019 update 1 through 2021 update 1 are particularly at risk and are advised to take appropriate measures to secure their systems.

References

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.