CVE-2021-44204
Last modified
CVE-2021-44204 is a high-severity vulnerability rated 7.8/10 on the CVSS scale. Local privilege escalation via named pipe due to improper access control checks. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27147, Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287. EPSS estimates a 0.19% chance of exploitation in the next 30 days.
Description
Local privilege escalation via named pipe due to improper access control checks. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27147, Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287
Metrics
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Acronis | True Image | 2021 |
| Acronis | Agent | < c21.06 |
| Acronis | Cyber Protect | 15 |
| Acronis | Cyber Protect Home Office | All versions |
References
- https://security-advisory.acronis.com/advisories/SEC-2355Vendor Advisory
- https://security-advisory.acronis.com/advisories/SEC-2355Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2021-44204?
How severe is CVE-2021-44204?
How do I fix CVE-2021-44204?
Are you affected by CVE-2021-44204?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST