Macrium

macrium

2 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Reflect

reflect

2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-43896 1Macrium 1Reflect Jun 17, 2026 Oct 10, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 A buffer overflow in Macrium Reflect 8.1.7544 and below allows attackers to escalate privileges or execute arbitrary code.
CVE-2020-10143 1Macrium 1Reflect Jun 17, 2026 Dec 9, 2020 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Macrium Reflect includes an OpenSSL component that specifies an OPENSSLDIR variable as C:\openssl\. Macrium Reflect contains a privileged service that uses this OpenSSL component. Because unprivileged Windows users can c...Show more Macrium Reflect includes an OpenSSL component that specifies an OPENSSLDIR variable as C:\openssl\. Macrium Reflect contains a privileged service that uses this OpenSSL component. Because unprivileged Windows users can create subdirectories off of the system root, a user can create the appropriate path to a specially-crafted openssl.cnf file to achieve arbitrary code execution with SYSTEM privileges.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2023-43896

1Macrium

1Reflect

Jun 17, 2026

Oct 10, 2023

N/A· v4

7.8 HIGH· v3

N/A· v2

A buffer overflow in Macrium Reflect 8.1.7544 and below allows attackers to escalate privileges or execute arbitrary code.

CVE-2020-10143

1Macrium

1Reflect

Jun 17, 2026

Dec 9, 2020

N/A· v4

7.8 HIGH· v3

7.2 HIGH· v2

Macrium Reflect includes an OpenSSL component that specifies an OPENSSLDIR variable as C:\openssl\. Macrium Reflect contains a privileged service that uses this OpenSSL component. Because unprivileged Windows users can create subdirectories off of the system root, a user can create the appropriate path to a specially-crafted openssl.cnf file to achieve arbitrary code execution with SYSTEM privileges.Show less