Acronis
Products
25- 94 CVEs
- 93 CVEs
- 44 CVEs
- 33 CVEs
- 27 CVEs
- 22 CVEs
- 13 CVEs
- 10 CVEs
- 7 CVEs
- 6 CVEs
- 5 CVEs
- 4 CVEs
- 4 CVEs
- 4 CVEs
- 3 CVEs
- 3 CVEs
- 3 CVEs
- 3 CVEs
- 3 CVEs
- 2 CVEs
- 2 CVEs
- 2 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs
218| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-30410 | Cri | 0.64 | 9.8 | 0.01 | Feb 20, 2026 | Sensitive data disclosure and manipulation due to missing authentication. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 39870, Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 39938, Acronis Cyber Protect… | ||
| CVE-2024-8767 | Cri | 0.64 | 9.9 | 0.00 | Sep 17, 2024 | Sensitive data disclosure and manipulation due to unnecessary privileges assignment. The following products are affected: Acronis Backup plugin for cPanel & WHM (Linux) before build 619, Acronis Backup extension for Plesk (Linux) before build 555, Acronis Backup plugin for… | ||
| CVE-2023-44208 | Cri | 0.59 | 9.1 | 0.00 | Oct 4, 2023 | Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40713, Acronis True Image OEM (Windows) before build 42575. | ||
| CVE-2025-7779 | Hig | 0.57 | 8.8 | 0.00 | Sep 30, 2025 | Local privilege escalation due to insecure XPC service configuration. The following products are affected: Acronis True Image (macOS) before build 42389, Acronis True Image for SanDisk (macOS) before build 42198, Acronis True Image for Western Digital (macOS) before build 42197,… | ||
| CVE-2017-3219 | Hig | 0.57 | 8.8 | 0.00 | Jun 21, 2017 | Acronis True Image up to and including version 2017 Build 8053 performs software updates using HTTP. Downloaded updates are only verified using a server-provided MD5 hash. | ||
| CVE-2024-34010 | Hig | 0.53 | 8.2 | 0.00 | Apr 29, 2024 | Local privilege escalation due to unquoted search path vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 37758, Acronis Cyber Protect 16 (Windows) before build 38690, Acronis True Image (Windows) before build 42386,… | ||
| CVE-2026-41952 | Hig | 0.51 | 7.8 | 0.00 | Apr 29, 2026 | Local privilege escalation due to improper input validation. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.93212, Acronis Cyber Protect Cloud Agent (Windows) before build 42183. | ||
| CVE-2026-41220 | Hig | 0.51 | 7.8 | 0.00 | Apr 29, 2026 | Local privilege escalation due to improper input validation. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.93212, Acronis Cyber Protect Cloud Agent (Windows) before build 42183. | ||
| CVE-2026-33092 | Hig | 0.51 | 7.8 | 0.00 | Apr 10, 2026 | Local privilege escalation due to improper handling of environment variables. The following products are affected: Acronis True Image OEM (macOS) before build 42571, Acronis True Image (macOS) before build 42902. | ||
| CVE-2026-28727 | Hig | 0.51 | 7.8 | 0.00 | Mar 6, 2026 | Local privilege escalation due to insecure Unix socket permissions. The following products are affected: Acronis Cyber Protect 17 (macOS) before build 41186, Acronis Cyber Protect Cloud Agent (macOS) before build 41124, Acronis True Image (macOS) before build 42902. | ||
| CVE-2025-9578 | Hig | 0.51 | 7.8 | 0.00 | Aug 28, 2025 | Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 40734. | ||
| CVE-2024-34013 | Hig | 0.51 | 7.8 | 0.01 | Jul 18, 2024 | Local privilege escalation due to OS command injection vulnerability. The following products are affected: Acronis True Image (macOS) before build 41396, Acronis True Image OEM (macOS) before build 42571. | ||
| CVE-2023-48677 | Hig | 0.51 | 7.8 | 0.00 | Dec 12, 2023 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40901, Acronis Cyber Protect Cloud Agent (Windows) before build 39378, Acronis Cyber Protect 16 (Windows) before build… | ||
| CVE-2022-46869 | Hig | 0.51 | 7.8 | 0.00 | Aug 31, 2023 | Local privilege escalation during installation due to improper soft link handling. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40278, Acronis True Image OEM (Windows) before build 42575. | ||
| CVE-2023-41743 | Hig | 0.51 | 7.8 | 0.00 | Aug 31, 2023 | Local privilege escalation due to insecure driver communication port permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40278, Acronis Cyber Protect Cloud Agent (Windows) before build 31637, Acronis Cyber Protect 15… | ||
| CVE-2025-30415 | Hig | 0.49 | 7.5 | 0.00 | Jun 4, 2025 | Denial of service due to improper handling of malformed input. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 40077, Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186. | ||
| CVE-2023-5042 | Hig | 0.49 | 7.5 | 0.00 | Sep 20, 2023 | Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40713, Acronis True Image OEM (Windows) before build 42575. | ||
| CVE-2026-50033 | Hig | 0.47 | 7.3 | 0.00 | Jun 3, 2026 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.15051.93227. | ||
| CVE-2026-44682 | Hig | 0.47 | 7.3 | 0.00 | Jun 3, 2026 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.15051.93227. | ||
| CVE-2026-44609 | Hig | 0.47 | 7.3 | 0.00 | Jun 3, 2026 | Local privilege escalation due to EXE hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.15051.93227. |
- risk 0.64cvss 9.8epss 0.01
Sensitive data disclosure and manipulation due to missing authentication. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 39870, Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 39938, Acronis Cyber Protect…
- risk 0.64cvss 9.9epss 0.00
Sensitive data disclosure and manipulation due to unnecessary privileges assignment. The following products are affected: Acronis Backup plugin for cPanel & WHM (Linux) before build 619, Acronis Backup extension for Plesk (Linux) before build 555, Acronis Backup plugin for…
- risk 0.59cvss 9.1epss 0.00
Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40713, Acronis True Image OEM (Windows) before build 42575.
- risk 0.57cvss 8.8epss 0.00
Local privilege escalation due to insecure XPC service configuration. The following products are affected: Acronis True Image (macOS) before build 42389, Acronis True Image for SanDisk (macOS) before build 42198, Acronis True Image for Western Digital (macOS) before build 42197,…
- risk 0.57cvss 8.8epss 0.00
Acronis True Image up to and including version 2017 Build 8053 performs software updates using HTTP. Downloaded updates are only verified using a server-provided MD5 hash.
- risk 0.53cvss 8.2epss 0.00
Local privilege escalation due to unquoted search path vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 37758, Acronis Cyber Protect 16 (Windows) before build 38690, Acronis True Image (Windows) before build 42386,…
- risk 0.51cvss 7.8epss 0.00
Local privilege escalation due to improper input validation. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.93212, Acronis Cyber Protect Cloud Agent (Windows) before build 42183.
- risk 0.51cvss 7.8epss 0.00
Local privilege escalation due to improper input validation. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.93212, Acronis Cyber Protect Cloud Agent (Windows) before build 42183.
- risk 0.51cvss 7.8epss 0.00
Local privilege escalation due to improper handling of environment variables. The following products are affected: Acronis True Image OEM (macOS) before build 42571, Acronis True Image (macOS) before build 42902.
- risk 0.51cvss 7.8epss 0.00
Local privilege escalation due to insecure Unix socket permissions. The following products are affected: Acronis Cyber Protect 17 (macOS) before build 41186, Acronis Cyber Protect Cloud Agent (macOS) before build 41124, Acronis True Image (macOS) before build 42902.
- risk 0.51cvss 7.8epss 0.00
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 40734.
- risk 0.51cvss 7.8epss 0.01
Local privilege escalation due to OS command injection vulnerability. The following products are affected: Acronis True Image (macOS) before build 41396, Acronis True Image OEM (macOS) before build 42571.
- risk 0.51cvss 7.8epss 0.00
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40901, Acronis Cyber Protect Cloud Agent (Windows) before build 39378, Acronis Cyber Protect 16 (Windows) before build…
- risk 0.51cvss 7.8epss 0.00
Local privilege escalation during installation due to improper soft link handling. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40278, Acronis True Image OEM (Windows) before build 42575.
- risk 0.51cvss 7.8epss 0.00
Local privilege escalation due to insecure driver communication port permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40278, Acronis Cyber Protect Cloud Agent (Windows) before build 31637, Acronis Cyber Protect 15…
- risk 0.49cvss 7.5epss 0.00
Denial of service due to improper handling of malformed input. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 40077, Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186.
- risk 0.49cvss 7.5epss 0.00
Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40713, Acronis True Image OEM (Windows) before build 42575.
- risk 0.47cvss 7.3epss 0.00
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.15051.93227.
- risk 0.47cvss 7.3epss 0.00
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.15051.93227.
- risk 0.47cvss 7.3epss 0.00
Local privilege escalation due to EXE hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.15051.93227.