Acronis True Image 2021 contains a System Clean-up functionality which allows the user to wipe Recycle Bin, Temp folder, recent usage history including passwords and other information. The software has protections against symlink attack but it is vulnerable to Directory junction attack and it is possible for an attacker to delete all the files and subfolders of a folder using this vulnerability even if he does not have the permission to do so resulting in Privilege Escalation.
https://hackerone.com/reports/996576