Bug Bounty

All about electronic devices security
http://bugbounty.com.au/

TrueImage for Acronis True Image 2020 - Untrusted DLL Search-Ordering lead to Privilege Escalation as Administrative acc

http://bugbounty.com.au/viewtopic.php?t=109

Page 1 of 1

TrueImage for Acronis True Image 2020 - Untrusted DLL Search-Ordering lead to Privilege Escalation as Administrative acc

Posted: Tue Oct 08, 2024 12:40 pm
by Shane1145
Vulnerability Explanation :
An issue was discovered in Acronis Service Manager Service which intregated from Acronis Cyber Backup ver.15.0.24197. This service is suffered by untrusted search binary. The malicious users who are in “Authenticated Users” group can use malicious DLL file to execute arbitrary code and escalate privilege to impersonate as local administrator.

https://hackerone.com/reports/959017
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited