CVE-2023-41743 - Vulnerability Details - OpenCVE

Local privilege escalation due to insecure driver communication port permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40278, Acronis Agent (Windows) before build 31637, Acronis Cyber Protect 15 (Windows) before build 35979.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Acronis	Agent Cyber Protect Cyber Protect Home Office
Microsoft	Windows

Configuration 1 [-]

AND

OR	cpe:2.3:a:acronis:agent::::::::
	cpe:2.3:a:acronis:cyber_protect:15:-::::::
	cpe:2.3:a:acronis:cyber_protect:15:update1::::::
	cpe:2.3:a:acronis:cyber_protect:15:update2::::::
	cpe:2.3:a:acronis:cyber_protect:15:update3::::::
	cpe:2.3:a:acronis:cyber_protect:15:update4::::::
	cpe:2.3:a:acronis:cyber_protect:15:update5::::::
	cpe:2.3:a:acronis:cyber_protect_home_office:-:::::::*
	cpe:2.3:a:acronis:cyber_protect_home_office:39900:::::::*
	cpe:2.3:a:acronis:cyber_protect_home_office:40107:::::::*
	cpe:2.3:a:acronis:cyber_protect_home_office:40173:::::::*
	cpe:2.3:a:acronis:cyber_protect_home_office:40208:::::::*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://security-advisory.acronis.com/SEC-4858
https://security-advisory.acronis.com/advisories/SEC-5487

History

Tue, 01 Oct 2024 18:30:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:2.3:a:acronis:agent:-:::::::*
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: Acronis

Published: 2023-08-31T15:04:10.802Z

Updated: 2024-10-01T17:32:05.640Z

Reserved: 2023-08-31T14:10:27.638Z

Link: CVE-2023-41743

Vulnrichment

Updated: 2024-08-02T19:09:47.982Z

NVD

Status : Modified

Published: 2023-08-31T16:15:10.270

Modified: 2024-11-21T08:21:36.350

Link: CVE-2023-41743

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-41743", "assignerOrgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175", "state": "PUBLISHED", "assignerShortName": "Acronis", "dateReserved": "2023-08-31T14:10:27.638Z", "datePublished": "2023-08-31T15:04:10.802Z", "dateUpdated": "2024-10-01T17:32:05.640Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175", "shortName": "Acronis", "dateUpdated": "2023-08-31T19:14:03.530Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-269", "description": "CWE-269", "type": "CWE"}]}], "affected": [{"vendor": "Acronis", "product": "Acronis Cyber Protect Home Office", "platforms": ["Windows"], "versions": [{"version": "unspecified", "status": "affected", "lessThan": "40278", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "Acronis", "product": "Acronis Agent", "platforms": ["Windows"], "versions": [{"version": "unspecified", "status": "affected", "lessThan": "31637", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "Acronis", "product": "Acronis Cyber Protect 15", "platforms": ["Windows"], "versions": [{"version": "unspecified", "status": "affected", "lessThan": "35979", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Local privilege escalation due to insecure driver communication port permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40278, Acronis Agent (Windows) before build 31637, Acronis Cyber Protect 15 (Windows) before build 35979."}], "references": [{"url": "https://security-advisory.acronis.com/advisories/SEC-5487", "name": "SEC-5487", "tags": ["vendor-advisory"]}, {"name": "SEC-4858", "url": "https://security-advisory.acronis.com/SEC-4858", "tags": ["related"]}], "credits": [{"lang": "en", "value": "@alfarom256 (https://hackerone.com/alfarom256)", "type": "finder"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_0": {"version": "3.0", "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T19:09:47.982Z"}, "title": "CVE Program Container", "references": [{"url": "https://security-advisory.acronis.com/advisories/SEC-5487", "name": "SEC-5487", "tags": ["vendor-advisory", "x_transferred"]}, {"name": "SEC-4858", "url": "https://security-advisory.acronis.com/SEC-4858", "tags": ["related", "x_transferred"]}]}, {"affected": [{"vendor": "acronis", "product": "cyber_protect", "cpes": ["cpe:2.3:a:acronis:cyber_protect:15:-:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "0", "status": "affected", "lessThan": "35979", "versionType": "semver"}]}, {"vendor": "acronis", "product": "cyber_protect_home_office", "cpes": ["cpe:2.3:a:acronis:cyber_protect_home_office:-:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "0", "status": "affected", "lessThan": "40278", "versionType": "semver"}]}, {"vendor": "acronis", "product": "agent", "cpes": ["cpe:2.3:a:acronis:agent:-:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "0", "status": "affected", "lessThan": "31637", "versionType": "semver"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-01T17:29:00.348301Z", "id": "CVE-2023-41743", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-01T17:32:05.640Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://security-advisory.acronis.com/advisories/SEC-5487", "name": "SEC-5487", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "https://security-advisory.acronis.com/SEC-4858", "name": "SEC-4858", "tags": ["related", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T19:09:47.982Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-41743", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-10-01T17:29:00.348301Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:acronis:cyber_protect:15:-:*:*:*:*:*:*"], "vendor": "acronis", "product": "cyber_protect", "versions": [{"status": "affected", "version": "0", "lessThan": "35979", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:a:acronis:cyber_protect_home_office:-:*:*:*:*:*:*:*"], "vendor": "acronis", "product": "cyber_protect_home_office", "versions": [{"status": "affected", "version": "0", "lessThan": "40278", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:a:acronis:agent:-:*:*:*:*:*:*:*"], "vendor": "acronis", "product": "agent", "versions": [{"status": "affected", "version": "0", "lessThan": "31637", "versionType": "semver"}], "defaultStatus": "unaffected"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-01T17:31:41.175Z"}}], "cna": {"credits": [{"lang": "en", "type": "finder", "value": "@alfarom256 (https://hackerone.com/alfarom256)"}], "metrics": [{"format": "CVSS", "cvssV3_0": {"version": "3.0", "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Acronis", "product": "Acronis Cyber Protect Home Office", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "40278", "versionType": "semver"}], "platforms": ["Windows"], "defaultStatus": "unaffected"}, {"vendor": "Acronis", "product": "Acronis Agent", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "31637", "versionType": "semver"}], "platforms": ["Windows"], "defaultStatus": "unaffected"}, {"vendor": "Acronis", "product": "Acronis Cyber Protect 15", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "35979", "versionType": "semver"}], "platforms": ["Windows"], "defaultStatus": "unaffected"}], "references": [{"url": "https://security-advisory.acronis.com/advisories/SEC-5487", "name": "SEC-5487", "tags": ["vendor-advisory"]}, {"url": "https://security-advisory.acronis.com/SEC-4858", "name": "SEC-4858", "tags": ["related"]}], "descriptions": [{"lang": "en", "value": "Local privilege escalation due to insecure driver communication port permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40278, Acronis Agent (Windows) before build 31637, Acronis Cyber Protect 15 (Windows) before build 35979."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-269", "description": "CWE-269"}]}], "providerMetadata": {"orgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175", "shortName": "Acronis", "dateUpdated": "2023-08-31T19:14:03.530Z"}}}, "cveMetadata": {"cveId": "CVE-2023-41743", "state": "PUBLISHED", "dateUpdated": "2024-10-01T17:32:05.640Z", "dateReserved": "2023-08-31T14:10:27.638Z", "assignerOrgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175", "datePublished": "2023-08-31T15:04:10.802Z", "assignerShortName": "Acronis"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:acronis:agent:*:*:*:*:*:*:*:*", "matchCriteriaId": "6F4ABAEF-E87F-40CF-B8DA-5E70F9A480B1", "versionEndExcluding": "c23.02", "vulnerable": true}, {"criteria": "cpe:2.3:a:acronis:cyber_protect:15:-:*:*:*:*:*:*", "matchCriteriaId": "89899D10-1343-4276-919A-9C1DF2DB8B55", "vulnerable": true}, {"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update1:*:*:*:*:*:*", "matchCriteriaId": "A77B2499-B3A4-4278-BA0D-59AB59C60352", "vulnerable": true}, {"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update2:*:*:*:*:*:*", "matchCriteriaId": "BAF6A576-C320-4550-B7F8-4FCAE82FB06A", "vulnerable": true}, {"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update3:*:*:*:*:*:*", "matchCriteriaId": "9740A956-D589-4846-8717-B6182EB65F8B", "vulnerable": true}, {"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update4:*:*:*:*:*:*", "matchCriteriaId": "9AB8B19B-2B40-4F1B-AE24-1C43D362E4BC", "vulnerable": true}, {"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update5:*:*:*:*:*:*", "matchCriteriaId": "69506F27-DEF8-4317-9E54-D79CA430AD4B", "vulnerable": true}, {"criteria": "cpe:2.3:a:acronis:cyber_protect_home_office:-:*:*:*:*:*:*:*", "matchCriteriaId": "8418AF63-E280-4CE2-8E5C-DCD00ABE6557", "vulnerable": true}, {"criteria": "cpe:2.3:a:acronis:cyber_protect_home_office:39900:*:*:*:*:*:*:*", "matchCriteriaId": "E0894339-A1AD-4382-A4B0-C13FEDE1F076", "vulnerable": true}, {"criteria": "cpe:2.3:a:acronis:cyber_protect_home_office:40107:*:*:*:*:*:*:*", "matchCriteriaId": "6DE560C6-2EC0-4C58-AA31-B15512F45877", "vulnerable": true}, {"criteria": "cpe:2.3:a:acronis:cyber_protect_home_office:40173:*:*:*:*:*:*:*", "matchCriteriaId": "E47F65B4-ACD6-4507-9242-35530163A730", "vulnerable": true}, {"criteria": "cpe:2.3:a:acronis:cyber_protect_home_office:40208:*:*:*:*:*:*:*", "matchCriteriaId": "EE9F5E36-F752-4C7C-A678-D5B596A71C67", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Local privilege escalation due to insecure driver communication port permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40278, Acronis Agent (Windows) before build 31637, Acronis Cyber Protect 15 (Windows) before build 35979."}, {"lang": "es", "value": "Escalada de privilegios locales debido a permisos inseguros del puerto de comunicaci\u00f3n del conductor. Los siguientes productos se ven afectados: Acronis Cyber ??Protect Home Office (Windows) antes de la compilaci\u00f3n 40278, Acronis Agent (Windows) antes de la compilaci\u00f3n 31637, Acronis Cyber ??Protect 15 (Windows) antes de la compilaci\u00f3n 35979."}], "id": "CVE-2023-41743", "lastModified": "2024-11-21T08:21:36.350", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.0, "impactScore": 6.0, "source": "security@acronis.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-08-31T16:15:10.270", "references": [{"source": "security@acronis.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://security-advisory.acronis.com/SEC-4858"}, {"source": "security@acronis.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://security-advisory.acronis.com/advisories/SEC-5487"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://security-advisory.acronis.com/SEC-4858"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://security-advisory.acronis.com/advisories/SEC-5487"}], "sourceIdentifier": "security@acronis.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-269"}], "source": "security@acronis.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-269"}], "source": "nvd@nist.gov", "type": "Primary"}]}