CVE-2020-25736

Acronis True Image 2019 update 1 through 2021 update 1 on macOS allows local privilege escalation due to an insecure XPC service configuration.

CVE-2021-32581

Acronis True Image prior to 2021 Update 4 for Windows, Acronis True Image prior to 2021 Update 5 for Mac, Acronis Agent prior to build 26653, Acronis Cyber Protect prior to build 27009 did not implement SSL certificate validation.

CVE-2020-15496

Acronis True Image for Mac before 2021 Update 4 allowed local privilege escalation due to insecure folder permissions.

CVE-2021-32579

Acronis True Image prior to 2021 Update 4 for Windows and Acronis True Image prior to 2021 Update 5 for macOS allowed an unauthenticated attacker (who has a local code execution ability) to tamper with the micro-service API.

CVE-2021-32576

Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to improper soft link handling (issue 1 of 2).

CVE-2021-32578

Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to improper soft link handling (issue 2 of 2).

CVE-2021-32577

Acronis True Image prior to 2021 Update 5 for Windows allowed local privilege escalation due to insecure folder permissions.

CVE-2021-32580

Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to DLL hijacking.