CVE-2021-44199

MEDIUM

Acronis Agent < 15 - Uncontrolled Search Path

Title source: rule

Description

DLL hijacking could lead to denial of service. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27305, Acronis Cyber Protect Home Office (Windows) before build 39612

References (1)

[Patch, Vendor Advisory] https://security-advisory.acronis.com/advisories/SEC-2508

Scores

CVSS v3 5.5

EPSS 0.0005

EPSS Percentile 16.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Classification

CWE

CWE-427

Status published

Affected Products (6)

acronis/agent

acronis/cyber_protect < 15

acronis/cyber_protect

acronis/cyber_protect_home_office

Timeline

Published Nov 29, 2021

Tracked Since Feb 18, 2026