Local Privilege Escalation Vulnerability in Acronis Cyber Protect Products
CVE-2024-55542

4.4MEDIUM

Key Information:

Vendor: Acronis
Status: Acronis Cyber Protect 16; Acronis Cyber Protect Cloud Agent
Vendor: CVE Published:; 2 January 2025

What is CVE-2024-55542?

A local privilege escalation vulnerability exists in the Tray Monitor service of Acronis Cyber Protect products, where excessive permissions can lead to unauthorized access and escalation of user privileges. This affects Acronis Cyber Protect 16 and Acronis Cyber Protect Cloud Agent across multiple platforms, including Linux, macOS, and Windows, prior to specified build versions. Users and organizations utilizing these products should take immediate action to update their installations to mitigate potential security risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Acronis Cyber Protect 16 Linux < 39169

Acronis Cyber Protect Cloud Agent Linux < 35895

References

https://security-advisory.acronis.com/advisories/SEC-5342

vendor-advisory

CVSS V3.0

Score:

4.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 2, 2025
Vulnerability Reserved
Dec 6, 2024

JSON

Acronis