Auth bypass in Acronis Agent

CVE-2021-44204

Local privilege escalation via named pipe due to improper access control checks. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27147, Acronis Cyber Protect…

EPSS: 0.000 (13.9th percentile) — read the EPSS interpretation.

Affected products

Acronis Agent — versions unspecified
Acronis Cyber Protect 15 — versions unspecified
Acronis Cyber Protect Home Office — versions unspecified
Acronis True Image 2021 — versions unspecified

Weakness classification (CWE)

CWE-285 — Improper Authorization

References

security-advisory.acronis.com/advisories/SEC-2355 (x_refsource_MISC)