Local privilege escalation due to insecure driver communication port permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40278, Acronis Agent (Windows) before build 31637, Acronis Cyber Protect 15 (Windows) before build 35979.
References
Link | Resource |
---|---|
https://security-advisory.acronis.com/SEC-4858 | Release Notes Vendor Advisory |
https://security-advisory.acronis.com/advisories/SEC-5487 | Release Notes Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
06 Sep 2023, 00:17
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
CWE | CWE-269 | |
References | (MISC) https://security-advisory.acronis.com/advisories/SEC-5487 - Release Notes, Vendor Advisory | |
References | (MISC) https://security-advisory.acronis.com/SEC-4858 - Release Notes, Vendor Advisory | |
First Time |
Acronis
Acronis agent Microsoft Microsoft windows Acronis cyber Protect Home Office Acronis cyber Protect |
|
CPE | cpe:2.3:a:acronis:cyber_protect_home_office:40173:*:*:*:*:*:*:* cpe:2.3:a:acronis:cyber_protect_home_office:-:*:*:*:*:*:*:* cpe:2.3:a:acronis:cyber_protect:15:update5:*:*:*:*:*:* cpe:2.3:a:acronis:cyber_protect:15:update3:*:*:*:*:*:* cpe:2.3:a:acronis:cyber_protect:15:-:*:*:*:*:*:* cpe:2.3:a:acronis:cyber_protect:15:update1:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* cpe:2.3:a:acronis:agent:*:*:*:*:*:*:*:* cpe:2.3:a:acronis:cyber_protect_home_office:40107:*:*:*:*:*:*:* cpe:2.3:a:acronis:cyber_protect_home_office:40208:*:*:*:*:*:*:* cpe:2.3:a:acronis:cyber_protect_home_office:39900:*:*:*:*:*:*:* cpe:2.3:a:acronis:cyber_protect:15:update4:*:*:*:*:*:* cpe:2.3:a:acronis:cyber_protect:15:update2:*:*:*:*:*:* |
31 Aug 2023, 20:15
Type | Values Removed | Values Added |
---|---|---|
Summary | Local privilege escalation due to insecure driver communication port permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40278, Acronis Agent (Windows) before build 31637, Acronis Cyber Protect 15 (Windows) before build 35979. |
31 Aug 2023, 17:25
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-08-31 16:15
Updated : 2024-02-28 20:33
NVD link : CVE-2023-41743
Mitre link : CVE-2023-41743
CVE.ORG link : CVE-2023-41743
JSON object : View
Products Affected
acronis
- agent
- cyber_protect
- cyber_protect_home_office
microsoft
- windows
CWE
CWE-269
Improper Privilege Management