Shodan
Vulnerabilities
Vulnerable Software
Acronis:  >> True Image  Security Vulnerabilities
CVE-2021-32577
Acronis True Image prior to 2021 Update 5 for Windows allowed local privilege escalation due to insecure folder permissions.
CVSS Score
7.8
EPSS Score
0.0
Published
2021-08-05
CVE-2021-32578
Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to improper soft link handling (issue 2 of 2).
CVSS Score
7.8
EPSS Score
0.001
Published
2021-08-05
CVE-2020-15495
Acronis True Image 2019 update 1 through 2020 on macOS allows local privilege escalation due to an insecure XPC service configuration.
CVSS Score
7.8
EPSS Score
0.0
Published
2021-07-15
CVE-2020-25593
Acronis True Image through 2021 on macOS allows local privilege escalation from admin to root due to insecure folder permissions.
CVSS Score
6.7
EPSS Score
0.0
Published
2021-07-15
CVE-2020-25736
Acronis True Image 2019 update 1 through 2021 update 1 on macOS allows local privilege escalation due to an insecure XPC service configuration.
CVSS Score
7.8
EPSS Score
0.151
Published
2021-07-15
CVE-2020-15496
Acronis True Image for Mac before 2021 Update 4 allowed local privilege escalation due to insecure folder permissions.
CVSS Score
7.8
EPSS Score
0.0
Published
2021-07-15
CVE-2020-35145
Acronis True Image for Windows prior to 2021 Update 3 allowed local privilege escalation due to a DLL hijacking vulnerability in multiple components, aka an Untrusted Search Path issue.
CVSS Score
7.8
EPSS Score
0.001
Published
2021-01-29
CVE-2020-10139
Acronis True Image 2021 includes an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory within C:\jenkins_agent\. Acronis True Image contains a privileged service that uses this OpenSSL component. Because unprivileged Windows users can create subdirectories off of the system root, a user can create the appropriate path to a specially-crafted openssl.cnf file to achieve arbitrary code execution with SYSTEM privileges.
CVSS Score
7.8
EPSS Score
0.0
Published
2020-10-21
CVE-2020-10140
Acronis True Image 2021 fails to properly set ACLs of the C:\ProgramData\Acronis directory. Because some privileged processes are executed from the C:\ProgramData\Acronis, an unprivileged user can achieve arbitrary code execution with SYSTEM privileges by placing a DLL in one of several paths within C:\ProgramData\Acronis.
CVSS Score
7.8
EPSS Score
0.0
Published
2020-10-21
CVE-2017-3219
Acronis True Image up to and including version 2017 Build 8053 performs software updates using HTTP. Downloaded updates are only verified using a server-provided MD5 hash.
CVSS Score
8.8
EPSS Score
0.0
Published
2017-06-21


Products
Pricing
Contact Us

Shodan ® - All rights reserved