Local Privilege Escalation in Acronis Cyber Protect Home Office for Windows
CVE-2022-44732
7.3HIGH
Key Information:
- Vendor
- Acronis
- Vendor
- CVE Published:
- 7 November 2022
Summary
A vulnerability exists in Acronis Cyber Protect Home Office for Windows due to insecure folder permissions, which may allow an attacker with local access to escalate privileges, potentially leading to unauthorized actions within the system. Users are advised to ensure they update to the latest build to mitigate this risk and protect their sensitive data.
Affected Version(s)
Acronis Cyber Protect Home Office Windows 0 < 39900
References
CVSS V3.1
Score:
7.3
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved