Acronis Cyber Protect 16 (Linux)
by Acronis
CVEs (90)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-55539 | Low | 0.16 | 2.5 | 0.00 | Dec 23, 2024 | Weak algorithm used to sign RPM package. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux) before build 39185, Acronis Cyber Protect 16 (Linux) before build 39938. | ||
| CVE-2022-30995 | 0.08 | — | 0.63 | May 3, 2023 | Sensitive information disclosure due to improper authentication. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 29486, Acronis Cyber Backup 12.5 (Windows, Linux) before build 16545. | |||
| CVE-2022-3405 | 0.06 | — | 0.40 | May 3, 2023 | Code execution and sensitive information disclosure due to excessive privileges assigned to Acronis Agent. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 29486, Acronis Cyber Backup 12.5 (Windows, Linux) before build 16545. | |||
| CVE-2026-28726 | 0.00 | — | 0.00 | Mar 5, 2026 | Sensitive information disclosure due to improper access control. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186. | |||
| CVE-2026-28725 | 0.00 | — | 0.00 | Mar 5, 2026 | Sensitive information disclosure due to improper configuration of a headless browser. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186. | |||
| CVE-2025-30413 | 0.00 | — | 0.00 | Mar 5, 2026 | Credentials are not deleted from Acronis Agent after plan revocation. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 40497, Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186. | |||
| CVE-2026-28724 | 0.00 | — | 0.00 | Mar 5, 2026 | Unauthorized data access due to insufficient access control validation. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186. | |||
| CVE-2026-28723 | 0.00 | — | 0.00 | Mar 5, 2026 | Unauthorized report deletion due to insufficient access control. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186. | |||
| CVE-2026-28722 | 0.00 | — | 0.00 | Mar 5, 2026 | Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186. | |||
| CVE-2026-28721 | 0.00 | — | 0.00 | Mar 5, 2026 | Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186. | |||
| CVE-2026-28720 | 0.00 | — | 0.00 | Mar 5, 2026 | Unauthorized modification of settings due to insufficient authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186. | |||
| CVE-2026-28719 | 0.00 | — | 0.00 | Mar 5, 2026 | Unauthorized resource manipulation due to improper authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186. | |||
| CVE-2026-28718 | 0.00 | — | 0.00 | Mar 5, 2026 | Denial of service due to insufficient input validation in authentication logging. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186. | |||
| CVE-2026-28717 | 0.00 | — | 0.00 | Mar 5, 2026 | Local privilege escalation due to improper directory permissions. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186. | |||
| CVE-2026-28716 | 0.00 | — | 0.00 | Mar 5, 2026 | Information disclosure and manipulation due to improper authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186. | |||
| CVE-2026-28715 | 0.00 | — | 0.00 | Mar 5, 2026 | Sensitive information disclosure due to improper authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186. | |||
| CVE-2026-28714 | 0.00 | — | 0.00 | Mar 5, 2026 | Unnecessary transmission of sensitive cryptographic material. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186. | |||
| CVE-2026-28713 | 0.00 | — | 0.00 | Mar 5, 2026 | Default credentials set for local privileged user in Virtual Appliance. The following products are affected: Acronis Cyber Protect Cloud Agent (VMware) before build 36943, Acronis Cyber Protect 17 (VMware) before build 41186. | |||
| CVE-2026-28712 | 0.00 | — | 0.00 | Mar 5, 2026 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186. | |||
| CVE-2026-28711 | 0.00 | — | 0.00 | Mar 5, 2026 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186. |
- risk 0.16cvss 2.5epss 0.00
Weak algorithm used to sign RPM package. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux) before build 39185, Acronis Cyber Protect 16 (Linux) before build 39938.
- CVE-2022-30995May 3, 2023risk 0.08cvss —epss 0.63
Sensitive information disclosure due to improper authentication. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 29486, Acronis Cyber Backup 12.5 (Windows, Linux) before build 16545.
- CVE-2022-3405May 3, 2023risk 0.06cvss —epss 0.40
Code execution and sensitive information disclosure due to excessive privileges assigned to Acronis Agent. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 29486, Acronis Cyber Backup 12.5 (Windows, Linux) before build 16545.
- CVE-2026-28726Mar 5, 2026risk 0.00cvss —epss 0.00
Sensitive information disclosure due to improper access control. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
- CVE-2026-28725Mar 5, 2026risk 0.00cvss —epss 0.00
Sensitive information disclosure due to improper configuration of a headless browser. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
- CVE-2025-30413Mar 5, 2026risk 0.00cvss —epss 0.00
Credentials are not deleted from Acronis Agent after plan revocation. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 40497, Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186.
- CVE-2026-28724Mar 5, 2026risk 0.00cvss —epss 0.00
Unauthorized data access due to insufficient access control validation. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
- CVE-2026-28723Mar 5, 2026risk 0.00cvss —epss 0.00
Unauthorized report deletion due to insufficient access control. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
- CVE-2026-28722Mar 5, 2026risk 0.00cvss —epss 0.00
Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186.
- CVE-2026-28721Mar 5, 2026risk 0.00cvss —epss 0.00
Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186.
- CVE-2026-28720Mar 5, 2026risk 0.00cvss —epss 0.00
Unauthorized modification of settings due to insufficient authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
- CVE-2026-28719Mar 5, 2026risk 0.00cvss —epss 0.00
Unauthorized resource manipulation due to improper authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
- CVE-2026-28718Mar 5, 2026risk 0.00cvss —epss 0.00
Denial of service due to insufficient input validation in authentication logging. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
- CVE-2026-28717Mar 5, 2026risk 0.00cvss —epss 0.00
Local privilege escalation due to improper directory permissions. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186.
- CVE-2026-28716Mar 5, 2026risk 0.00cvss —epss 0.00
Information disclosure and manipulation due to improper authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
- CVE-2026-28715Mar 5, 2026risk 0.00cvss —epss 0.00
Sensitive information disclosure due to improper authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
- CVE-2026-28714Mar 5, 2026risk 0.00cvss —epss 0.00
Unnecessary transmission of sensitive cryptographic material. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
- CVE-2026-28713Mar 5, 2026risk 0.00cvss —epss 0.00
Default credentials set for local privileged user in Virtual Appliance. The following products are affected: Acronis Cyber Protect Cloud Agent (VMware) before build 36943, Acronis Cyber Protect 17 (VMware) before build 41186.
- CVE-2026-28712Mar 5, 2026risk 0.00cvss —epss 0.00
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186.
- CVE-2026-28711Mar 5, 2026risk 0.00cvss —epss 0.00
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186.
Page 1 of 5