Acronis True Image for Windows prior to 2021 Update 3 allowed local privilege escalation due to a DLL hijacking vulnerability in multiple components, aka an Untrusted Search Path issue.
References
Link | Resource |
---|---|
https://www.acronis.com/en-us/products/true-image/ | Product Vendor Advisory |
https://www.acronis.com/en-us/support/updates/changes.html?p=42246 | Release Notes Vendor Advisory |
Configurations
History
04 Feb 2021, 18:56
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:acronis:true_image:*:*:*:*:*:windows:*:* | |
References | (MISC) https://www.acronis.com/en-us/products/true-image/ - Product, Vendor Advisory | |
References | (CONFIRM) https://www.acronis.com/en-us/support/updates/changes.html?p=42246 - Release Notes, Vendor Advisory | |
CWE | CWE-426 | |
CVSS |
v2 : v3 : |
v2 : 4.4
v3 : 7.8 |
29 Jan 2021, 07:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-01-29 07:15
Updated : 2023-12-10 13:41
NVD link : CVE-2020-35145
Mitre link : CVE-2020-35145
CVE.ORG link : CVE-2020-35145
JSON object : View
Products Affected
acronis
- true_image
CWE
CWE-427
Uncontrolled Search Path Element