CVE-2020-35145

HIGH

Acronis True Image for Windows <2021-3 - Privilege Escalation

Title source: llm

Description

Acronis True Image for Windows prior to 2021 Update 3 allowed local privilege escalation due to a DLL hijacking vulnerability in multiple components, aka an Untrusted Search Path issue.

References (2)

[Product, Vendor Advisory] https://www.acronis.com/en-us/products/true-image/

[Release Notes, Vendor Advisory] https://www.acronis.com/en-us/support/updates/changes.html?p=42246

Scores

CVSS v3 7.8

EPSS 0.0013

EPSS Percentile 32.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Classification

CWE

CWE-427

Status published

Affected Products (1)

acronis/true_image < 2021

Timeline

Published Jan 29, 2021

Tracked Since Feb 18, 2026