PT-2024-25645 · Acronis · Acronis Snap Deploy
Mmg
·
Published
2024-08-29
·
Updated
2024-09-12
·
CVE-2024-34019
CVSS v3.1
7.3
High
| Vector | AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Acronis Snap Deploy (Windows) versions before build 4569
Description
A local privilege escalation issue exists due to a DLL hijacking vulnerability. This allows for potential exploitation, leading to elevated privileges on the system. The estimated number of potentially affected devices worldwide is not specified. There is no information provided about real-world incidents where this issue was exploited.
Recommendations
For Acronis Snap Deploy (Windows) versions before build 4569, update to a version after build 4569 to resolve the issue. As a temporary workaround, consider restricting access to vulnerable DLLs until a patch is available.
Fix
Uncontrolled Search Path Element
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Acronis Snap Deploy