Local Privilege Escalation in Acronis Cyber Protect Home Office
CVE-2022-44747

2.2LOW

Key Information:

Vendor

Acronis
Status
Acronis Cyber Protect Home Office
Vendor
CVE Published:
7 November 2022

What is CVE-2022-44747?

Acronis Cyber Protect Home Office for Windows prior to build 40107 is susceptible to a local privilege escalation vulnerability caused by improper handling of soft links. This weakness could potentially allow an attacker to gain elevated privileges, leading to unauthorized access to sensitive system resources and data.

Affected Version(s)

Acronis Cyber Protect Home Office Windows 0 < 40107

References

https://security-advisory.acronis.com/advisories/SEC-4540
vendor-advisory

CVSS V3.1

Score:
2.2
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged

CVSS V3.0

Score:
2.2
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2022-44747 : Local Privilege Escalation in Acronis Cyber Protect Home Office