CVE-2022-45451

HIGH

Acronis Agent < 30600 & Cyber Protect Home Office < 40173 - Local Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-45451. PoCs published by alfarom256.

AI-analyzed exploit summary This repository contains a proof-of-concept exploit for CVE-2022-45451, targeting Acronis software. The exploit demonstrates how to connect to the AcronisNgScanServicePort and manipulate registry keys to inject DLLs, potentially leading to privilege escalation.

Description

Local privilege escalation due to insecure driver communication port permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40173, Acronis Agent (Windows) before build 30600, Acronis Cyber Protect 15 (Windows) before build 30984.

Exploits (1)

nomisec WORKING POC 18 stars

by alfarom256 · poc

https://github.com/alfarom256/CVE-2022-45451

View Code ZIP pw:eip

This repository contains a proof-of-concept exploit for CVE-2022-45451, targeting Acronis software. The exploit demonstrates how to connect to the AcronisNgScanServicePort and manipulate registry keys to inject DLLs, potentially leading to privilege escalation.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: Acronis software (specific version not specified)

No auth needed

Prerequisites: Access to the target system · Acronis software installed and running

MITRE ATT&CK

T1548.002 - Bypass User Account Control T1112 - Modify Registry

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Release Notes, Vendor Advisory vendor-advisory

https://security-advisory.acronis.com/advisories/SEC-4858

Release Notes, Vendor Advisory related

https://security-advisory.acronis.com/SEC-5487

Scores

CVSS v3 7.8

EPSS 0.0047

EPSS Percentile 37.1%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-269

Status published

Products (3)

acronis/agent < c22.10

acronis/cyber_protect 15 (6 CPE variants)

acronis/cyber_protect_home_office < 40173

Published Aug 31, 2023

Tracked Since Feb 18, 2026