Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
acronis vulnerabilities and exploits
(subscribe to this query)
739
VMScore
CVE-2017-3219
Acronis True Image up to and including version 2017 Build 8053 performs software updates using HTTP. Downloaded updates are only verified using a server-provided MD5 hash.
Acronis True Image
641
VMScore
CVE-2020-25593
Acronis True Image through 2021 on macOS allows local privilege escalation from admin to root due to insecure folder permissions.
Acronis True Image
641
VMScore
CVE-2020-9452
An issue exists in Acronis True Image 2020 24.5.22510. anti_ransomware_service.exe includes functionality to quarantine files by copying a suspected ransomware file from one directory to another using SYSTEM privileges. Because unprivileged users have write permissions in the qua...
Acronis True Image 2020 24.5.22510
641
VMScore
CVE-2020-10138
Acronis Cyber Backup 12.5 and Cyber Protect 15 include an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory within C:\jenkins_agent\. Acronis Cyber Backup and Cyber Protect contain a privileged service that uses this OpenSSL component. Because unprivileged...
Acronis Cyber Protect
Acronis Cyber Backup
641
VMScore
CVE-2020-10139
Acronis True Image 2021 includes an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory within C:\jenkins_agent\. Acronis True Image contains a privileged service that uses this OpenSSL component. Because unprivileged Windows users can create subdirectories ...
Acronis True Image 2021
614
VMScore
CVE-2020-10140
Acronis True Image 2021 fails to properly set ACLs of the C:\ProgramData\Acronis directory. Because some privileged processes are executed from the C:\ProgramData\Acronis, an unprivileged user can achieve arbitrary code execution with SYSTEM privileges by placing a DLL in one of ...
Acronis True Image 2021
571
VMScore
CVE-2020-16171
An issue exists in Acronis Cyber Backup prior to 12.5 Build 16342. Some API endpoints on port 9877 under /api/ams/ accept an additional custom Shard header. The value of this header is afterwards used in a separate web request issued by the application itself. This can be abused ...
Acronis Cyber Backup
Acronis Cyber Backup 12.5
516
VMScore
CVE-2022-30992
Open redirect via user-controlled query parameter. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 29240
Acronis Cyber Protect
Acronis Cyber Protect 15
516
VMScore
CVE-2021-32581
Acronis True Image before 2021 Update 4 for Windows, Acronis True Image before 2021 Update 5 for Mac, Acronis Agent prior to build 26653, Acronis Cyber Protect prior to build 27009 did not implement SSL certificate validation.
Acronis True Image 2021
Acronis Cyber Protect Cloud
Acronis Cyber Protection Agent
505
VMScore
CVE-2008-1411
The PXE Server (pxesrv.exe) in Acronis Snap Deploy 2.0.0.1076 and previous versions allows remote malicious users to cause a denial of service (crash) via an incomplete TFTP request, which triggers a NULL pointer dereference.
Acronis Snap Deploy 2.0.0.1076
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29824
CVE-2024-30095
CVE-2024-30104
client side
CVE-2024-5840
CVE-2024-34405
unprivileged
wireless
CVE-2024-4577
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »