First published: Thu Nov 25 2021(Updated: )
DLL hijacking could lead to local privilege escalation. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035
Credit: security@acronis.com security@acronis.com
Affected Software | Affected Version | How to fix |
---|---|---|
Acronis Cyber Protect | <15 | |
Acronis Cyber Protect | =15 | |
Acronis Cyber Protect | =15-update1 | |
Acronis Cyber Protect | =15-update2 | |
Microsoft Windows | ||
All of | ||
Any of | ||
Acronis Cyber Protect | <15 | |
Acronis Cyber Protect | =15 | |
Acronis Cyber Protect | =15-update1 | |
Acronis Cyber Protect | =15-update2 | |
Microsoft Windows |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this DLL hijacking vulnerability is CVE-2021-44198.
The severity of CVE-2021-44198 is high (7.8).
The following products are affected by CVE-2021-44198: Acronis Cyber Protect 15 (Windows) before build 28035.
This vulnerability allows an attacker to load a malicious DLL file instead of a legitimate one, which could lead to the execution of arbitrary code with elevated privileges.
To fix CVE-2021-44198, it is recommended to upgrade to Acronis Cyber Protect 15 (Windows) build 28035 or later.