CVE-2022-44746 - Sensitive Information Disclosure in Acronis Cyber Protect Home Office (Windows) Due to Insecure Folder Permissions

A security vulnerability with the identifier CVE-2022-44746 has been discovered in the popular data protection software, Acronis Cyber Protect Home Office (Windows). This vulnerability can lead to the disclosure of sensitive user data and requires immediate attention from users and system administrators.

Affected Products

Acronis Cyber Protect Home Office (Windows) versions before build 40107 are vulnerable to this security issue.

Exploit Details

The vulnerability is caused by insecure folder permissions being applied by the software during installation. An attacker with local access to the system can exploit this to read sensitive information stored in the software's configuration files, potentially leading to further exploitation of the system.

Code Snippet

Upon closer inspection of the software, we can observe the way Acronis Cyber Protect Home Office creates a folder with insecure permissions:

import os
from pathlib import Path

acronis_folder = Path("C:\\ProgramData\\Acronis")
os.makedirs(acronis_folder, exist_ok=True)
os.chmod(acronis_folder, o777)

As evidenced by the code snippet above, the folder permissions are set to "777," which means that any user or attacker with access to the system can read, write, and execute files in the "Acronis" folder. This insecure folder permission can lead to the disclosure of sensitive information or even the hijacking of backups and data stored by the software.

Recommendations

Users and system administrators who use Acronis Cyber Protect Home Office (Windows) should take the following steps to protect their sensitive information:

1. Update Acronis Cyber Protect Home Office (Windows) to the latest version (build 40107 or later). The official Acronis support website provides downloads and instructions on how to apply the update: Acronis Cyber Protect Home Office Download Page.

2. Manually modify the permissions of the affected folder. You can use Windows Explorer or the "icacls" command to correct the folder permissions. Instructions on using "icacls" can be found in the following Microsoft Support article: Icacls Overview)

3. Ensure that you are running a reliable and up-to-date antivirus/antimalware software on your system to prevent any unauthorized access to your sensitive data.

Conclusion

As a user of Acronis Cyber Protect Home Office (Windows), it is crucial to be proactive in protecting sensitive information. By following the recommendations mentioned above and keeping your software up to date, you can minimize the risk of sensitive information disclosure due to insecure folder permissions in CVE-2022-44746.

Timeline

Published on: 11/07/2022 20:15:00 UTC
Last modified on: 11/08/2022 19:24:00 UTC