CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-10140

Acronis True Image 2021 fails to properly set ACLs of the C:\ProgramData\Acronis directory. Because some privileged processes are executed from the C:\ProgramData\Acronis, an unprivileged user can achieve arbitrary code execution with SYSTEM privileges by placing a DLL in one of several paths within C:\ProgramData\Acronis.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 13.4%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 6.9

References

https://www.kb.cert.org/vuls/id/114757
https://www.kb.cert.org/vuls/id/114757

Products affected by CVE-2020-10140

Acronis » True Image » Version: 2021

cpe:2.3:a:acronis:true_image:2021

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-10140

Products

Pricing

Contact Us