CVE-2020-9451
MEDIUMAcronis True Image 2020 24.5.22510 - Denial of Service via Hardlink Attack on Log File
Title source: llmDescription
An issue was discovered in Acronis True Image 2020 24.5.22510. anti_ransomware_service.exe keeps a log in a folder where unprivileged users have write permissions. The logs are generated in a predictable pattern, allowing an unprivileged user to create a hardlink from a (not yet created) log file to anti_ransomware_service.exe. On reboot, this forces the anti_ransomware_service to try to write its log into its own process, crashing in a SHARING VIOLATION. This crash occurs on every reboot.
References (3)
Core 3
Core References
Vendor Advisory x_refsource_misc
https://www.acronis.com
Third Party Advisory x_refsource_misc
https://danishcyberdefence.dk/blog
Exploit, Third Party Advisory x_refsource_misc
https://madsjoensen.dk/cve-2020-9451/
Scores
CVSS v3
5.5
EPSS
0.0004
EPSS Percentile
11.3%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-276
Status
published
Products (1)
acronis/true_image_2020
24.5.22510
Published
May 25, 2021
Tracked Since
Feb 18, 2026