First published: Thu Aug 05 2021(Updated: )
Acronis True Image prior to 2021 Update 4 for Windows and Acronis True Image prior to 2021 Update 5 for macOS allowed an unauthenticated attacker (who has a local code execution ability) to tamper with the micro-service API.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Acronis True Image | =2021 | |
Acronis True Image | =2021 | |
Acronis True Image | =2021-update_1 | |
Acronis True Image | =2021-update_1 | |
Acronis True Image | =2021-update_2 | |
Acronis True Image | =2021-update_2 | |
Acronis True Image | =2021-update_3 | |
Acronis True Image | =2021-update_3 | |
Acronis True Image | =2021-update_4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2021-32579 is high with a CVSS score of 7.8.
Acronis True Image versions prior to 2021 Update 4 for Windows and prior to 2021 Update 5 for macOS are affected by CVE-2021-32579.
An attacker with local code execution ability can exploit CVE-2021-32579 to tamper with the micro-service API.
No, authentication is not required to exploit CVE-2021-32579.
To fix CVE-2021-32579, users should update Acronis True Image to 2021 Update 4 for Windows or 2021 Update 5 for macOS.