What is CVE-2022-24115?

CVE-2022-24115 is a vulnerability in Acronis Cyber Protect Home Office, classified under Improper Verification of Cryptographic Signature. Published 2022-02-04.

Is CVE-2022-24115 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Acronis Cyber Protect Home Office

CVE-2022-24115

Local privilege escalation due to unrestricted loading of unsigned libraries. The following products are affected: Acronis Cyber Protect Home Office (macOS) before build 39605, Acronis True Image 2021 (macOS) before build 39287

EPSS: 0.000 (7.1th percentile) — read the EPSS interpretation.

Affected products

Acronis Cyber Protect Home Office — versions unspecified
Acronis True Image 2021 — versions unspecified

Weakness classification (CWE)

CWE-347 — Improper Verification of Cryptographic Signature

Public proof-of-concept exploits

References

security-advisory.acronis.com/advisories/SEC-3359 (x_refsource_MISC)

Frequently asked questions

What is CVE-2022-24115?: CVE-2022-24115 is a vulnerability in Acronis Cyber Protect Home Office, classified under Improper Verification of Cryptographic Signature. Published 2022-02-04.
Is CVE-2022-24115 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.