Privilege Escalation Vulnerability in Acronis True Image by Acronis

CVE-2020-9452

Summary

Acronis True Image 2020 contains a vulnerability that allows unprivileged users to use hardlinks to overwrite arbitrary files in system directories via the anti_ransomware_service.exe component. This issue arises from improper permissions in the quarantine folder, enabling potential unauthorized access to SYSTEM-level privileges. Although the quarantine feature is disabled by default, it can be forced through interactions with the service's REST API, raising significant security concerns for data integrity.

References