Cyber Protect
by Acronis
CVEs (94)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-28721 | 0.00 | — | 0.00 | Mar 5, 2026 | Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186. | |||
| CVE-2026-28720 | 0.00 | — | 0.00 | Mar 5, 2026 | Unauthorized modification of settings due to insufficient authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186. | |||
| CVE-2026-28719 | 0.00 | — | 0.00 | Mar 5, 2026 | Unauthorized resource manipulation due to improper authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186. | |||
| CVE-2026-28718 | 0.00 | — | 0.00 | Mar 5, 2026 | Denial of service due to insufficient input validation in authentication logging. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186. | |||
| CVE-2026-28717 | 0.00 | — | 0.00 | Mar 5, 2026 | Local privilege escalation due to improper directory permissions. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186. | |||
| CVE-2026-28716 | 0.00 | — | 0.00 | Mar 5, 2026 | Information disclosure and manipulation due to improper authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186. | |||
| CVE-2026-28715 | 0.00 | — | 0.00 | Mar 5, 2026 | Sensitive information disclosure due to improper authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186. | |||
| CVE-2026-28714 | 0.00 | — | 0.00 | Mar 5, 2026 | Unnecessary transmission of sensitive cryptographic material. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186. | |||
| CVE-2026-28713 | 0.00 | — | 0.00 | Mar 5, 2026 | Default credentials set for local privileged user in Virtual Appliance. The following products are affected: Acronis Cyber Protect Cloud Agent (VMware) before build 36943, Acronis Cyber Protect 17 (VMware) before build 41186. | |||
| CVE-2026-28712 | 0.00 | — | 0.00 | Mar 5, 2026 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186. | |||
| CVE-2026-28711 | 0.00 | — | 0.00 | Mar 5, 2026 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186. | |||
| CVE-2026-28710 | 0.00 | — | 0.00 | Mar 5, 2026 | Sensitive information disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186. | |||
| CVE-2026-28709 | 0.00 | — | 0.00 | Mar 5, 2026 | Unauthorized resource manipulation due to improper authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186. | |||
| CVE-2025-11791 | 0.00 | — | 0.00 | Mar 5, 2026 | Sensitive information disclosure and manipulation due to insufficient authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186, Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 41124. | |||
| CVE-2025-30416 | 0.00 | — | 0.00 | Feb 20, 2026 | Sensitive data disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39938, Acronis Cyber Protect 15 (Linux, Windows) before build 41800. | |||
| CVE-2025-30412 | 0.00 | — | 0.01 | Feb 20, 2026 | Sensitive data disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39938, Acronis Cyber Protect 15 (Linux, Windows) before build 41800. | |||
| CVE-2025-30411 | 0.00 | — | 0.01 | Feb 20, 2026 | Sensitive data disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39938, Acronis Cyber Protect 15 (Linux, Windows) before build 41800. | |||
| CVE-2024-55541 | 0.00 | — | 0.00 | Jan 2, 2025 | Stored cross-site scripting (XSS) vulnerability due to missing origin validation in postMessage. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39169. | |||
| CVE-2024-55540 | 0.00 | — | 0.00 | Jan 2, 2025 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39169. | |||
| CVE-2024-55543 | 0.00 | — | 0.00 | Jan 2, 2025 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39169. |
- CVE-2026-28721Mar 5, 2026risk 0.00cvss —epss 0.00
Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186.
- CVE-2026-28720Mar 5, 2026risk 0.00cvss —epss 0.00
Unauthorized modification of settings due to insufficient authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
- CVE-2026-28719Mar 5, 2026risk 0.00cvss —epss 0.00
Unauthorized resource manipulation due to improper authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
- CVE-2026-28718Mar 5, 2026risk 0.00cvss —epss 0.00
Denial of service due to insufficient input validation in authentication logging. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
- CVE-2026-28717Mar 5, 2026risk 0.00cvss —epss 0.00
Local privilege escalation due to improper directory permissions. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186.
- CVE-2026-28716Mar 5, 2026risk 0.00cvss —epss 0.00
Information disclosure and manipulation due to improper authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
- CVE-2026-28715Mar 5, 2026risk 0.00cvss —epss 0.00
Sensitive information disclosure due to improper authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
- CVE-2026-28714Mar 5, 2026risk 0.00cvss —epss 0.00
Unnecessary transmission of sensitive cryptographic material. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
- CVE-2026-28713Mar 5, 2026risk 0.00cvss —epss 0.00
Default credentials set for local privileged user in Virtual Appliance. The following products are affected: Acronis Cyber Protect Cloud Agent (VMware) before build 36943, Acronis Cyber Protect 17 (VMware) before build 41186.
- CVE-2026-28712Mar 5, 2026risk 0.00cvss —epss 0.00
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186.
- CVE-2026-28711Mar 5, 2026risk 0.00cvss —epss 0.00
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186.
- CVE-2026-28710Mar 5, 2026risk 0.00cvss —epss 0.00
Sensitive information disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
- CVE-2026-28709Mar 5, 2026risk 0.00cvss —epss 0.00
Unauthorized resource manipulation due to improper authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
- CVE-2025-11791Mar 5, 2026risk 0.00cvss —epss 0.00
Sensitive information disclosure and manipulation due to insufficient authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186, Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 41124.
- CVE-2025-30416Feb 20, 2026risk 0.00cvss —epss 0.00
Sensitive data disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39938, Acronis Cyber Protect 15 (Linux, Windows) before build 41800.
- CVE-2025-30412Feb 20, 2026risk 0.00cvss —epss 0.01
Sensitive data disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39938, Acronis Cyber Protect 15 (Linux, Windows) before build 41800.
- CVE-2025-30411Feb 20, 2026risk 0.00cvss —epss 0.01
Sensitive data disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39938, Acronis Cyber Protect 15 (Linux, Windows) before build 41800.
- CVE-2024-55541Jan 2, 2025risk 0.00cvss —epss 0.00
Stored cross-site scripting (XSS) vulnerability due to missing origin validation in postMessage. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39169.
- CVE-2024-55540Jan 2, 2025risk 0.00cvss —epss 0.00
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39169.
- CVE-2024-55543Jan 2, 2025risk 0.00cvss —epss 0.00
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39169.
Page 2 of 5