CVE-2022-24114

Local privilege escalation due to race condition on application startup. The following products are affected: Acronis Cyber Protect Home Office (macOS) before build 39605, Acronis True Image 2021 (macOS) before build 39287

Published: Feb 5, 2022
Updated: Apr 14, 2023
CVE: CVE-2022-24114
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7
AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: Low
Score: 4.4
AV:L/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-362

Affected Software
References

Software	From	Fixed in
acronis / true_image	2021-update_3	2021-update_3.x
acronis / true_image	2021-update_1	2021-update_1.x
acronis / true_image	2021-update_2	2021-update_2.x
acronis / true_image	2021	2021.x
acronis / true_image	2021-update_4	2021-update_4.x

https://security-advisory.acronis.com/advisories/SEC-3316

Vulnerability Database

289,784

CVE-2022-24114