PT-2023-30892 · Acronis · Acronis Cyber Protect Cloud Agent+1

Veath

Publicado

2023-12-12

Atualizado

2025-06-04

CVE-2023-48677

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Acronis Cyber Protect Home Office versions prior to build 40901 Acronis Cyber Protect Cloud Agent versions prior to build 39378

Description The issue is related to a local privilege escalation due to a DLL hijacking vulnerability. This allows for potential exploitation where an attacker could gain elevated privileges on a system.

Recommendations For Acronis Cyber Protect Home Office versions prior to build 40901, update to build 40901 or later to resolve the issue. For Acronis Cyber Protect Cloud Agent versions prior to build 39378, update to build 39378 or later to resolve the issue.

Correção

LPE

Uncontrolled Search Path Element

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-427

Identificadores relacionados

CVE-2023-48677

Produtos afetados

Acronis Cyber Protect Cloud Agent

Acronis Cyber Protect Home Office

PT-2023-30892 · Acronis · Acronis Cyber Protect Cloud Agent+1

CVE-2023-48677

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6