CVE-2024-34010

HIGH

Acronis - Privilege Escalation

Title source: llm

Description

Local privilege escalation due to unquoted search path vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 37758, Acronis Cyber Protect 16 (Windows) before build 38690, Acronis True Image (Windows) before build 42386, Acronis True Image OEM (Windows) before build 42575.

References (1)

[Various Sources] https://security-advisory.acronis.com/advisories/SEC-7110

Scores

CVSS v3 8.2

EPSS 0.0010

EPSS Percentile 28.1%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-428

Status published

Products (4)

Acronis/Acronis Cyber Protect 16 unspecified - 38690

Acronis/Acronis Cyber Protect Cloud Agent unspecified - 37758

Acronis/Acronis True Image unspecified - 42386

Acronis/Acronis True Image OEM unspecified - 42575

Published Apr 29, 2024

Tracked Since Feb 18, 2026