This vulnerability in Acronis DeviceLock DLP (Windows) is caused by improper handling of DLL loading, leading to DLL hijacking (CWE-427). An attacker with local access and limited privileges could exploit this flaw to escalate their privileges on the system. The affected versions are those before build 9.0.15051.93227. The CVSS 3.0 vector indicates the attack requires local access, low complexity, privileges required are low, user interaction is required, and the impact on confidentiality, integrity, and availability is high. No patch or official remediation level has been published by Acronis as of the provided data.

Successful exploitation can result in full compromise of the affected system by escalating local privileges, potentially allowing an attacker to execute arbitrary code with higher privileges, access sensitive data, and disrupt system availability. The high CVSS score reflects significant impact on confidentiality, integrity, and availability.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, restrict local access to trusted users only and monitor for suspicious activity related to DLL loading. Avoid running untrusted applications or code with elevated privileges. Follow vendor updates closely for any forthcoming patches or mitigations.