CVE-2024-55543

Published: Jan 2, 2025Modified: Mar 6, 2025

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39169.

Affected (4)

Products: Acronis: Cyber Protect

Acronis

1 product

Cyber Protect

Configuration A

4 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Acronis Cyber Protect	Up to 15
Acronis Cyber Protect	Version 16
Acronis Cyber Protect	Version 16 update1
Acronis Cyber Protect	Version 16 update2

Running on/with	Platform Versions
Microsoft Windows	All versions

Related CWEs

CWE-427

Uncontrolled Search Path Element

The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.

References (1)

https://security-advisory.acronis.com/advisories/SEC-6418

Source: security@acronis.com

Vendor Advisory

Timeline

No history available yet.