CVE-2023-41743 HIGH

CVE-2023-41743

Vendor Acronis

Product Acronis Cyber Protect Home Office

Weakness CWE-269

Published August 31, 2023

Last update April 10, 2026

View on NVD All CVEs

CVSS base score

8.8/10

Attack vector Local

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality High

Integrity High

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

What the vulnerability does

01Description

Local privilege escalation due to insecure driver communication port permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40278, Acronis Cyber Protect Cloud Agent (Windows) before build 31637, Acronis Cyber Protect 15 (Windows) before build 35979, Acronis True Image OEM (Windows) before build 42575.

Key dates

02Disclosure timeline

August 31, 2023 CVE published

April 10, 2026 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2023-41743 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/269.html

Related vulnerabilities

Identifiers

CVE CVE-2023-41743

CWE CWE-269

CVSS 8.8 / HIGH

Affected versions

Vendor Acronis

Product Acronis Cyber Protect Home Office

Affected ≥ unspecified and < 40278

Vendor Acronis

Product Acronis Cyber Protect Cloud Agent

Affected ≥ unspecified and < 31637

Vendor Acronis

Product Acronis Cyber Protect 15

Affected ≥ unspecified and < 35979

Vendor Acronis

Product Acronis True Image OEM

Affected ≥ unspecified and < 42575

CVE-2023-41743

01Description

02Disclosure timeline

03References

04Related CVE