True Image
by Acronis
CVEs (33)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-44208 | Cri | 0.59 | 9.1 | 0.00 | Oct 4, 2023 | Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40713, Acronis True Image OEM (Windows) before build 42575. | ||
| CVE-2017-3219 | Hig | 0.57 | 8.8 | 0.00 | Jun 21, 2017 | Acronis True Image up to and including version 2017 Build 8053 performs software updates using HTTP. Downloaded updates are only verified using a server-provided MD5 hash. | ||
| CVE-2024-34010 | Hig | 0.53 | 8.2 | 0.00 | Apr 29, 2024 | Local privilege escalation due to unquoted search path vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 37758, Acronis Cyber Protect 16 (Windows) before build 38690, Acronis True Image (Windows) before build 42386,… | ||
| CVE-2026-28727 | Hig | 0.51 | 7.8 | 0.00 | Mar 6, 2026 | Local privilege escalation due to insecure Unix socket permissions. The following products are affected: Acronis Cyber Protect 17 (macOS) before build 41186, Acronis Cyber Protect Cloud Agent (macOS) before build 41124, Acronis True Image (macOS) before build 42902. | ||
| CVE-2024-34013 | Hig | 0.51 | 7.8 | 0.01 | Jul 18, 2024 | Local privilege escalation due to OS command injection vulnerability. The following products are affected: Acronis True Image (macOS) before build 41396, Acronis True Image OEM (macOS) before build 42571. | ||
| CVE-2023-5042 | Hig | 0.49 | 7.5 | 0.00 | Sep 20, 2023 | Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40713, Acronis True Image OEM (Windows) before build 42575. | ||
| CVE-2025-11178 | Hig | 0.47 | 7.3 | 0.00 | Sep 30, 2025 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image (Windows) before build 42386, Acronis True Image for Western Digital (Windows) before build 42636, Acronis True Image for SanDisk (Windows) before build 42679,… | ||
| CVE-2026-33271 | Med | 0.44 | 6.7 | 0.00 | Apr 2, 2026 | Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis True Image (Windows) before build 42902. | ||
| CVE-2026-28728 | Med | 0.44 | 6.7 | 0.00 | Apr 2, 2026 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image (Windows) before build 42902. | ||
| CVE-2026-27774 | Med | 0.44 | 6.7 | 0.00 | Apr 2, 2026 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image (Windows) before build 42902. | ||
| CVE-2024-49385 | Med | 0.36 | 5.5 | 0.00 | Jan 2, 2025 | Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis True Image (Windows) before build 41736, Acronis True Image OEM (Windows) before build 42575. | ||
| CVE-2020-25736 | 0.05 | — | 0.02 | Jul 15, 2021 | Acronis True Image 2019 update 1 through 2021 update 1 on macOS allows local privilege escalation due to an insecure XPC service configuration. | |||
| CVE-2021-44204 | 0.00 | — | 0.00 | Feb 4, 2022 | Local privilege escalation via named pipe due to improper access control checks. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27147, Acronis Cyber Protect Home Office (Windows) before build… | |||
| CVE-2022-24114 | 0.00 | — | 0.00 | Feb 4, 2022 | Local privilege escalation due to race condition on application startup. The following products are affected: Acronis Cyber Protect Home Office (macOS) before build 39605, Acronis True Image 2021 (macOS) before build 39287 | |||
| CVE-2021-44205 | 0.00 | — | 0.00 | Feb 4, 2022 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287 | |||
| CVE-2022-24115 | 0.00 | — | 0.00 | Feb 4, 2022 | Local privilege escalation due to unrestricted loading of unsigned libraries. The following products are affected: Acronis Cyber Protect Home Office (macOS) before build 39605, Acronis True Image 2021 (macOS) before build 39287 | |||
| CVE-2021-32577 | 0.00 | — | 0.00 | Aug 5, 2021 | Acronis True Image prior to 2021 Update 5 for Windows allowed local privilege escalation due to insecure folder permissions. | |||
| CVE-2021-32581 | 0.00 | — | 0.01 | Aug 5, 2021 | Acronis True Image prior to 2021 Update 4 for Windows, Acronis True Image prior to 2021 Update 5 for Mac, Acronis Agent prior to build 26653, Acronis Cyber Protect prior to build 27009 did not implement SSL certificate validation. | |||
| CVE-2021-32578 | 0.00 | — | 0.00 | Aug 5, 2021 | Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to improper soft link handling (issue 2 of 2). | |||
| CVE-2021-32576 | 0.00 | — | 0.00 | Aug 5, 2021 | Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to improper soft link handling (issue 1 of 2). |
- risk 0.59cvss 9.1epss 0.00
Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40713, Acronis True Image OEM (Windows) before build 42575.
- risk 0.57cvss 8.8epss 0.00
Acronis True Image up to and including version 2017 Build 8053 performs software updates using HTTP. Downloaded updates are only verified using a server-provided MD5 hash.
- risk 0.53cvss 8.2epss 0.00
Local privilege escalation due to unquoted search path vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 37758, Acronis Cyber Protect 16 (Windows) before build 38690, Acronis True Image (Windows) before build 42386,…
- risk 0.51cvss 7.8epss 0.00
Local privilege escalation due to insecure Unix socket permissions. The following products are affected: Acronis Cyber Protect 17 (macOS) before build 41186, Acronis Cyber Protect Cloud Agent (macOS) before build 41124, Acronis True Image (macOS) before build 42902.
- risk 0.51cvss 7.8epss 0.01
Local privilege escalation due to OS command injection vulnerability. The following products are affected: Acronis True Image (macOS) before build 41396, Acronis True Image OEM (macOS) before build 42571.
- risk 0.49cvss 7.5epss 0.00
Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40713, Acronis True Image OEM (Windows) before build 42575.
- risk 0.47cvss 7.3epss 0.00
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image (Windows) before build 42386, Acronis True Image for Western Digital (Windows) before build 42636, Acronis True Image for SanDisk (Windows) before build 42679,…
- risk 0.44cvss 6.7epss 0.00
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis True Image (Windows) before build 42902.
- risk 0.44cvss 6.7epss 0.00
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image (Windows) before build 42902.
- risk 0.44cvss 6.7epss 0.00
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image (Windows) before build 42902.
- risk 0.36cvss 5.5epss 0.00
Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis True Image (Windows) before build 41736, Acronis True Image OEM (Windows) before build 42575.
- CVE-2020-25736Jul 15, 2021risk 0.05cvss —epss 0.02
Acronis True Image 2019 update 1 through 2021 update 1 on macOS allows local privilege escalation due to an insecure XPC service configuration.
- CVE-2021-44204Feb 4, 2022risk 0.00cvss —epss 0.00
Local privilege escalation via named pipe due to improper access control checks. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27147, Acronis Cyber Protect Home Office (Windows) before build…
- CVE-2022-24114Feb 4, 2022risk 0.00cvss —epss 0.00
Local privilege escalation due to race condition on application startup. The following products are affected: Acronis Cyber Protect Home Office (macOS) before build 39605, Acronis True Image 2021 (macOS) before build 39287
- CVE-2021-44205Feb 4, 2022risk 0.00cvss —epss 0.00
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287
- CVE-2022-24115Feb 4, 2022risk 0.00cvss —epss 0.00
Local privilege escalation due to unrestricted loading of unsigned libraries. The following products are affected: Acronis Cyber Protect Home Office (macOS) before build 39605, Acronis True Image 2021 (macOS) before build 39287
- CVE-2021-32577Aug 5, 2021risk 0.00cvss —epss 0.00
Acronis True Image prior to 2021 Update 5 for Windows allowed local privilege escalation due to insecure folder permissions.
- CVE-2021-32581Aug 5, 2021risk 0.00cvss —epss 0.01
Acronis True Image prior to 2021 Update 4 for Windows, Acronis True Image prior to 2021 Update 5 for Mac, Acronis Agent prior to build 26653, Acronis Cyber Protect prior to build 27009 did not implement SSL certificate validation.
- CVE-2021-32578Aug 5, 2021risk 0.00cvss —epss 0.00
Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to improper soft link handling (issue 2 of 2).
- CVE-2021-32576Aug 5, 2021risk 0.00cvss —epss 0.00
Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to improper soft link handling (issue 1 of 2).
Page 1 of 2