Local Privilege Escalation in Acronis Cyber Protect by Acronis
CVE-2023-44157

3.3LOW

Key Information:

Vendor

Acronis

Vendor
CVE Published:
27 September 2023

What is CVE-2023-44157?

Acronis Cyber Protect 15 (Windows) is susceptible to local privilege escalation owing to insecure folder permissions. This vulnerability could allow a malicious actor to gain elevated privileges on the affected system, potentially compromising sensitive data and functionalities. Users are advised to update to build 35979 or later to mitigate this issue.

Affected Version(s)

Acronis Cyber Protect 15 Windows < 35979

References

CVSS V3.1

Score:
3.3
Severity:
LOW
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.