CVE-2020-10138

Acronis Cyber Backup 12.5 and Cyber Protect 15 include an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory within C:\jenkins_agent\. Acronis Cyber Backup and Cyber Protect contain a privileged service that uses this OpenSSL component. Because unprivileged Windows users can create subdirectories off of the system root, a user can create the appropriate path to a specially-crafted openssl.cnf file to achieve arbitrary code execution with SYSTEM privileges.
References
Link Resource
https://www.kb.cert.org/vuls/id/114757 Third Party Advisory US Government Resource
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:acronis:cyber_backup:*:*:*:*:*:*:*:*
cpe:2.3:a:acronis:cyber_protect:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2020-10-21 14:15

Updated : 2024-02-28 18:08


NVD link : CVE-2020-10138

Mitre link : CVE-2020-10138

CVE.ORG link : CVE-2020-10138


JSON object : View

Products Affected

acronis

  • cyber_protect
  • cyber_backup
CWE
CWE-665

Improper Initialization

CWE-284

Improper Access Control