Overview
- Description
- Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to improper soft link handling (issue 2 of 2).
- Source
- cve@mitre.org
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 4.6
- Impact score
- 6.4
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-610
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:acronis:true_image:2021:-:*:*:*:windows:*:*",
"vulnerable": true,
"matchCriteriaId": "F7B99318-3AA5-428D-B0D7-106128BDCE78"
},
{
"criteria": "cpe:2.3:a:acronis:true_image:2021:update_1:*:*:*:windows:*:*",
"vulnerable": true,
"matchCriteriaId": "B1CFEB0F-588B-4B88-9169-4ADB6396C1C5"
},
{
"criteria": "cpe:2.3:a:acronis:true_image:2021:update_2:*:*:*:windows:*:*",
"vulnerable": true,
"matchCriteriaId": "54BE6067-0357-4C68-AA06-CB5EEA3DD86F"
},
{
"criteria": "cpe:2.3:a:acronis:true_image:2021:update_3:*:*:*:windows:*:*",
"vulnerable": true,
"matchCriteriaId": "02D1EBBC-47EE-4C46-AA69-DD0B7DE1B173"
}
],
"operator": "OR"
}
]
}
]