Vulnerability Description
Local privilege escalation due to insecure driver communication port permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40278, Acronis Cyber Protect Cloud Agent (Windows) before build 31637, Acronis Cyber Protect 15 (Windows) before build 35979, Acronis True Image OEM (Windows) before build 42575.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Acronis | Agent | < c23.02 |
| Acronis | Cyber Protect | 15 |
| Acronis | Cyber Protect Home Office | - |
| Microsoft | Windows | - |
Related Weaknesses (CWE)
References
- https://security-advisory.acronis.com/SEC-4858Release NotesVendor Advisory
- https://security-advisory.acronis.com/advisories/SEC-5487Release NotesVendor Advisory
- https://security-advisory.acronis.com/SEC-4858Release NotesVendor Advisory
- https://security-advisory.acronis.com/advisories/SEC-5487Release NotesVendor Advisory
FAQ
What is CVE-2023-41743?
CVE-2023-41743 is a vulnerability with a CVSS score of 7.8 (HIGH). Local privilege escalation due to insecure driver communication port permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40278, Acronis Cyber Pro...
How severe is CVE-2023-41743?
CVE-2023-41743 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-41743?
Check the references section above for vendor advisories and patch information. Affected products include: Acronis Agent, Acronis Cyber Protect, Acronis Cyber Protect Home Office, Microsoft Windows.