Vanitas

**Name of the Vulnerable Software and Affected Versions** Acronis Cyber Protect 17 (Windows) versions prior to build 41186 **Description** A local privilege escalation can occur due to a DLL hijacking issue. This allows an attacker to execute code with elevated privileges on a compromised system. **Recommendations** Update Acronis Cyber Protect 17 (Windows) to build 41186 or later.

**Name of the Vulnerable Software and Affected Versions** Acronis Cyber Protect 17 (Windows) versions prior to build 41186 **Description** A local privilege escalation can occur due to a DLL hijacking issue. This allows an attacker to execute code with elevated privileges on a compromised system. **Recommendations** Update Acronis Cyber Protect 17 (Windows) to build 41186 or later.

**Name of the Vulnerable Software and Affected Versions** Acronis Cyber Protect 16 (Windows) versions before build 39169 **Description** The issue is related to a local privilege escalation due to a DLL hijacking vulnerability. This allows an attacker to potentially gain elevated privileges on the system. The estimated number of potentially affected devices worldwide is not specified. There is no information provided about real-world incidents where this issue was exploited. **Recommendations** For Acronis Cyber Protect 16 (Windows) versions before build 39169, update to a version that includes the fix for this issue, specifically build 39169 or later. As a temporary workaround, consider restricting access to vulnerable system components to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Acronis Cyber Protect 15 (Windows) versions prior to build 28035 Description: DLL hijacking could lead to local privilege escalation. Recommendations: For Acronis Cyber Protect 15 (Windows) versions prior to build 28035, update to build 28035 or later to resolve the issue. As a temporary workaround, consider restricting access to vulnerable DLLs until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** Acronis True Image version 2021 **Description** The issue arises from improper ACL settings of the C:ProgramDataAcronis directory by Acronis True Image 2021. This allows an unprivileged user to execute arbitrary code with SYSTEM privileges by placing a DLL in specific paths within C:ProgramDataAcronis. **Recommendations** For Acronis True Image version 2021, as a temporary workaround, consider restricting access to the C:ProgramDataAcronis directory to prevent unprivileged users from placing malicious DLLs. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Acronis True Image version 2021 **Description** The issue concerns an OpenSSL component in Acronis True Image 2021, where the OPENSSLDIR variable is specified as a subdirectory within C:jenkins agent. This component is used by a privileged service within Acronis True Image. An unprivileged Windows user can create subdirectories off the system root, potentially allowing the creation of a specially-crafted openssl.cnf file. This could lead to arbitrary code execution with SYSTEM privileges. **Recommendations** For Acronis True Image version 2021, consider restricting access to the system root to prevent unprivileged users from creating subdirectories that could be used to exploit this issue. As a temporary workaround, restrict the use of the OpenSSL component until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Acronis Cyber Backup versions 12.5 Acronis Cyber Protect version 15 **Description** The issue concerns an OpenSSL component in Acronis Cyber Backup and Cyber Protect that specifies an OPENSSLDIR variable as a subdirectory within C:jenkins agent. This component is used by a privileged service in these products. Unprivileged Windows users can create subdirectories off of the system root, allowing a user to create a path to a specially-crafted openssl.cnf file. This can lead to arbitrary code execution with SYSTEM privileges. **Recommendations** For Acronis Cyber Backup version 12.5, consider disabling the privileged service that uses the OpenSSL component until a patch is available. For Acronis Cyber Protect version 15, restrict access to the subdirectory within C:jenkins agent to minimize the risk of exploitation. Avoid using the `OPENSSLDIR` variable in the affected OpenSSL component until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.