CVE-2024-34010

EUVD-2024-34582
Local privilege escalation due to unquoted search path vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 37758, Acronis Cyber Protect 16 (Windows) before build 38690, Acronis True Image (Windows) before build 42386.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.2 HIGH
LOCAL
LOW
HIGH
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 17%
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
acroniscyber_protect_cloud_agent
- ≤
𝑥
< build_37758
ADP
Common Weakness Enumeration
References
https://security-advisory.acronis.com/advisories/SEC-7110
https://security-advisory.acronis.com/advisories/SEC-7110