PT-2023-5803 · Acronis · Acronis Cyber Protect Home Office+3

Alfarom256

Publicado

2023-08-31

Atualizado

2023-09-06

CVE-2023-41743

CVSS v3.1

8.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Acronis Cyber Protect Home Office versions prior to build 40278 Acronis Agent versions prior to build 31637 Acronis Cyber Protect 15 versions prior to build 35979

Description The issue is related to local privilege escalation due to insecure driver communication port permissions. This could allow an attacker to elevate their privileges.

Recommendations For Acronis Cyber Protect Home Office versions prior to build 40278, update to build 40278 or later. For Acronis Agent versions prior to build 31637, update to build 31637 or later. For Acronis Cyber Protect 15 versions prior to build 35979, update to build 35979 or later.

Correção

LPE

Improper Privilege Management

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-269

Identificadores relacionados

BDU:2023-06489

CVE-2023-41743

Produtos afetados

Acronis

Acronis Agent

Acronis Cyber Protect 15

Acronis Cyber Protect Home Office

PT-2023-5803 · Acronis · Acronis Cyber Protect Home Office+3

CVE-2023-41743

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7