PT-2025-5581 · Acronis · Acronis Snap Deploy

Wdormann

Publicado

2025-01-28

Atualizado

2025-01-28

CVE-2025-24826

CVSS v3.1

6.7

Média

Vetor

AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Acronis Snap Deploy (Windows) versions before build 4625

Description The issue is related to local privilege escalation due to insecure folder permissions. This allows for potential exploitation, though specific details about the estimated number of affected devices or real-world incidents are not provided.

Recommendations For Acronis Snap Deploy (Windows) versions before build 4625, update to build 4625 or later to resolve the issue. As a temporary workaround, consider restricting access to the insecurely permissioned folders until a patch is applied.

Correção

LPE

Incorrect Default Permissions

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-276

Identificadores relacionados

CVE-2025-24826

Produtos afetados

Acronis Snap Deploy

PT-2025-5581 · Acronis · Acronis Snap Deploy

CVE-2025-24826

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4