Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Acronis True Image 2020 24.5.22510. anti_ransomware_service.exe keeps a log in a folder where unprivileged users have write permissions. The logs are generated in a predictable pattern, allowing an unprivileged user to create a hardlink from a (not yet created) log file to anti_ransomware_service.exe. On reboot, this forces the anti_ransomware_service to try to write its log into its own process, crashing in a SHARING VIOLATION. This crash occurs on every reboot.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Acronis True Image 安全漏洞
Vulnerability Description
Acronis True Image是新加坡安克诺斯(Acronis)的一款著名的数据备份还原软件。该软件可用于创建驱动器和磁盘映像,并在需要干净系统时可以还原镜像。 Acronis True Image 2020 24.5.22510版本存在安全漏洞,该漏洞源于程序的日志以可预测的模式生成,允许非特权用户创建一个尚未创建的日志文件到反勒索软件服务.exe的硬链接。在重新启动时,这将迫使反勒索软件服务尝试将其日志写入自己的进程,并在共享中崩溃。每次重启都会发生此崩溃。
CVSS Information
N/A
Vulnerability Type
N/A