Vulnerability Description
An issue was discovered in Acronis True Image 2020 24.5.22510. anti_ransomware_service.exe keeps a log in a folder where unprivileged users have write permissions. The logs are generated in a predictable pattern, allowing an unprivileged user to create a hardlink from a (not yet created) log file to anti_ransomware_service.exe. On reboot, this forces the anti_ransomware_service to try to write its log into its own process, crashing in a SHARING VIOLATION. This crash occurs on every reboot.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Acronis | True Image 2020 | 24.5.22510 |
Related Weaknesses (CWE)
References
- https://danishcyberdefence.dk/blog (Third Party Advisory)
- https://madsjoensen.dk/cve-2020-9451/ (Exploit, Third Party Advisory)
- https://www.acronis.com (Vendor Advisory)
FAQ
What is CVE-2020-9451?
CVE-2020-9451 is a vulnerability with a CVSS score of 5.5 (MEDIUM). An issue was discovered in Acronis True Image 2020 24.5.22510. anti_ransomware_service.exe keeps a log in a folder where unprivileged users have write permissions. The logs are generated in a predicta...
How severe is CVE-2020-9451?
CVE-2020-9451 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-9451?
Check the references section above for vendor advisories and patch information. Affected products include: Acronis True Image 2020.