CVE-2020-14999

A logic bug in system monitoring driver of Acronis Agent after 12.5.21540 and before 12.5.23094 allowed to bypass Windows memory protection and access sensitive data.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 54%
VendorProductVersion
acronisagent
12.5.21540 ≤
𝑥
≤ 12.5.23094
𝑥
= Vulnerable software versions
References
https://www.acronis.com/en-us/support/updates/index.html
https://www.acronis.com/en-us/support/updates/index.html