
CVE-2022-44745: CWE-532 in Acronis Acronis Cyber Protect Home Office

Severity: Medium
Type: Vulnerability
Tags: CVE-2022-44745, cve, cve-2022-44745, cwe-532
Published: Mon Nov 07 2022 (11/07/2022, 19:00:59 UTC)
Source: CVE
Vendor/Project: Acronis
Product: Acronis Cyber Protect Home Office

Description

Sensitive information leak through log files. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40107.

AI-Powered Analysis

Last updated: 06/25/2025, 19:58:11 UTC

Technical Analysis

CVE-2022-44745 is a vulnerability classified under CWE-532, which pertains to the exposure of sensitive information through log files. This vulnerability affects the Acronis Cyber Protect Home Office product for Windows versions prior to build 40107. The issue arises because the application improperly handles logging, resulting in sensitive data being written to log files where unauthorized users with access to these files could potentially retrieve confidential information.

The vulnerability has a CVSS v3.0 base score of 4.0, indicating a medium severity level. The CVSS vector (AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N) reveals that exploitation requires local access (AV:L), high attack complexity (AC:H), high privileges (PR:H), and user interaction (UI:R). The impact is primarily on confidentiality (C:H), with no impact on integrity or availability. No known exploits are currently reported in the wild, and no official patches or mitigation links have been provided by the vendor at the time of this analysis.

The vulnerability is specific to Windows installations of the product, which is a backup and cybersecurity solution aimed at home office users but may also be used by small businesses or individuals in professional environments. The exposure of sensitive information through logs can lead to data leakage, potentially compromising user credentials, backup configurations, or other private data stored or processed by the software. Given the requirement for local access and high privileges, the risk is mitigated somewhat by the need for an attacker to already have significant access to the system, but the presence of sensitive data in logs still represents a security concern, especially in multi-user or shared environments.

Potential Impact

For European organizations, especially small businesses and home office users relying on Acronis Cyber Protect Home Office on Windows, this vulnerability could lead to unauthorized disclosure of sensitive information if an attacker gains local access with elevated privileges. This could facilitate further attacks such as credential theft, lateral movement, or exposure of backup data configurations. Although the vulnerability does not directly impact system integrity or availability, the confidentiality breach could undermine trust in backup solutions and expose personal or business-critical data. Organizations with shared workstations or less strict local access controls are at higher risk. The impact is more pronounced in environments where sensitive corporate or personal data is backed up or managed using this software. Additionally, since the vulnerability requires user interaction and high privileges, it is less likely to be exploited remotely but could be leveraged by insiders or through social engineering to escalate access or gather intelligence.

Mitigation Recommendations

1. Upgrade to Acronis Cyber Protect Home Office build 40107 or later as soon as an official patch or update is released by Acronis to address this vulnerability.
2. Until a patch is available, restrict local access to systems running the affected software to trusted users only, enforcing strict user account control and privilege separation.
3. Regularly audit and monitor log files for sensitive information exposure and implement log management policies that limit access to logs and securely archive or delete logs containing sensitive data.
4. Employ endpoint protection solutions to detect and prevent unauthorized privilege escalation or local attacks that could exploit this vulnerability.
5. Educate users about the risks of social engineering and the importance of not granting elevated privileges or executing untrusted actions that could lead to exploitation.
6. Consider isolating backup and cybersecurity software environments from general user workstations to limit the scope of potential local attacks.
7. Implement file system permissions and encryption on log directories to prevent unauthorized reading of log files.
8. Monitor vendor communications for updates or patches and apply them promptly.

Technical Details

Data Version: 5.1
Assigner Short Name: Acronis
Date Reserved: 2022-11-04T17:26:52.916Z
CISA Enriched: true
CVSS Version: 3.0
State: PUBLISHED

Threat ID: 682d9839c4522896dcbecbba

Added to database: 5/21/2025, 9:09:13 AM

Last enriched: 6/25/2025, 7:58:11 PM

Last updated: 7/28/2025, 1:07:24 PM
