2020-10-21 13:40:19
certcc
PUBLISHED
Acronis True Image 2021 fails to properly set ACLs of the C:ProgramDataAcronis directory. Because some privileged processes are executed from the C:ProgramDataAcronis, an unprivileged user can achieve arbitrary code execution with SYSTEM privileges by placing a DLL in one of several paths within C:ProgramDataAcronis.