CVE-2022-45451

Mike Alfaro 11/17/2022

What Is a CVE?

The mission of the CVE® Program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities. Common Vulnerabilities and Exposures (CVE) is a database of these security issues. A CVE number uniquely identifies one vulnerability from the list. Enterprises typically use CVE, and corresponding CVSS scores, for planning and prioritization in their vulnerability management programs.

The CVE Program actively partners with community members worldwide to help grow CVE content and expand its use. Mike Alfaro, NephōSec Cybersecurity Engineer, submitted CVE-2022-45451 and it has been published to the CVE List. The CVE Record is now available for viewing by the public. The CVE details can be viewed on the following page: https://security-advisory.acronis.com/advisories/SEC-4858 or can be downloaded from the CVE website. https://www.cve.org/

Explanation

The Acronis Cyber Protect suite’s “ngscan.sys” driver does not properly restrict access to the file system minifilter’s communication port, allowing an arbitrary read of privileged files. 

How it works

A local malicious actor may open the filter communication port and issue commands to open a file for reading.

Risks

Sensitive information disclosure.

Detections and Mitigations

Update to the newest release of Acronis Cyber Protect products for Microsoft Windows.

You May Also Like