← back
CVE-2023-48677

CVE-2023-48677

CVSS 7.3 HIGHEPSS 0.3%CWE-427
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7.3EPSS 0.3%KEV nãoPoC Patch referenciado
Lifecycle
12 Dec 2023Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40901, Acronis Cyber Protect Cloud Agent (Windows) before build 39378, Acronis Cyber Protect 16 (Windows) before build 39938, Acronis True Image OEM (Windows) before build 42575.
CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Affected products
Acronis · Acronis Cyber Protect 16Acronis · Acronis Cyber Protect Cloud AgentAcronis · Acronis Cyber Protect Home OfficeAcronis · Acronis True Image OEM

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://security-advisory.acronis.com/advisories/SEC-5620