PT-2023-5806 · Acronis · Acronis Cyber Protect Home Office

Published

2023-10-04

Updated

2023-10-07

CVE-2023-44208

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Acronis Cyber Protect Home Office (Windows) before build 40713

Description The issue is related to sensitive information disclosure and manipulation due to missing authorization, potentially allowing a remote attacker to elevate their privileges.

Recommendations For Acronis Cyber Protect Home Office (Windows) before build 40713, update to a version after build 40713 to resolve the issue. As a temporary workaround, consider restricting access to sensitive information and implementing additional authorization checks until a patch is available.

Fix

Missing Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-862

Related Identifiers

BDU:2023-06492

CVE-2023-44208

Affected Products

Acronis Cyber Protect Home Office

PT-2023-5806 · Acronis · Acronis Cyber Protect Home Office

CVE-2023-44208

Weakness Enumeration

Related Identifiers

Affected Products

References · 8