PT-2023-5804 · Acronis · Acronis Cyber Protect Home Office
Z3Ron3
·
Published
2023-08-31
·
Updated
2023-09-07
·
CVE-2022-46868
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Acronis Cyber Protect Home Office (Windows) versions before build 40173
Description
The issue is related to local privilege escalation during recovery due to improper soft link handling. This could allow an attacker to elevate their privileges.
Recommendations
For Acronis Cyber Protect Home Office (Windows) versions before build 40173, update to build 40173 or later to resolve the issue. As a temporary workaround, consider restricting access to the recovery feature until a patch is applied.
Fix
LPE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Acronis Cyber Protect Home Office