RSS   Vulnerabilities for 'True image 2020'   RSS

2021-05-25
 
CVE-2020-9450

CWE-276
 

 
An issue was discovered in Acronis True Image 2020 24.5.22510. anti_ransomware_service.exe exposes a REST API that can be used by everyone, even unprivileged users. This API is used to communicate from the GUI to anti_ransomware_service.exe. This can be exploited to add an arbitrary malicious executable to the whitelist, or even exclude an entire drive from being monitored by anti_ransomware_service.exe.

 

 >>> Vendor: Acronis 10 Products
True image
True image windows agent
Agent
Snap deploy
True image echo server
Cyber backup
Cyber protect
True image 2020
Cyber protect cloud
Cyber protection agent


Copyright 2024, cxsecurity.com

 

Back to Top