Netero1010

**Name of the Vulnerable Software and Affected Versions** Acronis Agent versions before build 30430 Acronis Cyber Protect 15 versions before build 30984 **Description** The issue is related to local privilege escalation due to insecure folder permissions. This can allow an attacker to elevate their privileges. **Recommendations** For Acronis Agent versions before build 30430, update to build 30430 or later. For Acronis Cyber Protect 15 versions before build 30984, update to build 30984 or later.

**Name of the Vulnerable Software and Affected Versions** Acronis Cyber Protect Home Office (Windows) versions prior to build 39900 **Description** The issue is related to local privilege escalation due to insecure folder permissions. **Recommendations** For versions prior to build 39900, update to build 39900 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Avast Premium Security versions prior to 21.11.2500 **Description** The issue is related to DLL hijacking vulnerabilities via the components instup.exe and wsc proxy.exe, which can allow attackers to execute arbitrary code or cause a Denial of Service (DoS) via a crafted DLL file. This is due to the use of an unreliable path search. **Recommendations** For versions prior to 21.11.2500, update to version 21.11.2500 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable components instup.exe and wsc proxy.exe to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Acronis Cyber Protect 15 versions before build 29240 **Description** The issue is related to HTML injection via report name. **Recommendations** For Acronis Cyber Protect 15 versions before build 29240, update to a version after build 29240 to resolve the issue.