CVE-2021-38086

EUVD-2021-24559
Acronis Cyber Protect 15 for Windows prior to build 27009 and Acronis Agent for Windows prior to build 26226 allowed local privilege escalation via DLL hijacking.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 16%
Affected Products (NVD)
VendorProductVersion
acroniscyber_protect
𝑥
< 15
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://kb.acronis.com/content/68564
https://kb.acronis.com/content/68564