CVE-2022-45451: Acronis Cyber Protect File System Minifilter Driver Privilege Escalation

Mike Alfaro 11/17/2022

Mike Alfaro, NephōSec Cybersecurity Engineer, submitted CVE-2022-45451 and it has been published to the CVE List. The CVE Record is now available for viewing by the public. The CVE details can be viewed on the following page: or can be downloaded from the CVE website. 


The Acronis Cyber Protect suite’s “ngscan.sys” driver does not properly restrict access to the file system minifilter’s communication port, allowing an arbitrary read of privileged files. 

How it works

A local malicious actor may open the filter communication port and issue commands to open a file for reading.


Sensitive information disclosure.

Detections and Mitigations

Update to the newest release of Acronis Cyber Protect products for Microsoft Windows.

You May Also Like