VYPR

Vendor CVEs

Acronis

All CVEs

218 total · sorted by risk
  • CVE-2025-30410CriFeb 20, 2026
    risk 0.64cvss 9.8epss 0.01

    Sensitive data disclosure and manipulation due to missing authentication. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 39870, Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 39938, Acronis Cyber Protect…

  • CVE-2024-8767CriSep 17, 2024
    risk 0.64cvss 9.9epss 0.00

    Sensitive data disclosure and manipulation due to unnecessary privileges assignment. The following products are affected: Acronis Backup plugin for cPanel & WHM (Linux) before build 619, Acronis Backup extension for Plesk (Linux) before build 555, Acronis Backup plugin for…

  • CVE-2023-44208CriOct 4, 2023
    risk 0.59cvss 9.1epss 0.00

    Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40713, Acronis True Image OEM (Windows) before build 42575.

  • CVE-2025-7779HigSep 30, 2025
    risk 0.57cvss 8.8epss 0.00

    Local privilege escalation due to insecure XPC service configuration. The following products are affected: Acronis True Image (macOS) before build 42389, Acronis True Image for SanDisk (macOS) before build 42198, Acronis True Image for Western Digital (macOS) before build 42197,…

  • CVE-2017-3219HigJun 21, 2017
    risk 0.57cvss 8.8epss 0.00

    Acronis True Image up to and including version 2017 Build 8053 performs software updates using HTTP. Downloaded updates are only verified using a server-provided MD5 hash.

  • CVE-2024-34010HigApr 29, 2024
    risk 0.53cvss 8.2epss 0.00

    Local privilege escalation due to unquoted search path vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 37758, Acronis Cyber Protect 16 (Windows) before build 38690, Acronis True Image (Windows) before build 42386,…

  • CVE-2026-41952HigApr 29, 2026
    risk 0.51cvss 7.8epss 0.00

    Local privilege escalation due to improper input validation. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.93212, Acronis Cyber Protect Cloud Agent (Windows) before build 42183.

  • CVE-2026-41220HigApr 29, 2026
    risk 0.51cvss 7.8epss 0.00

    Local privilege escalation due to improper input validation. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.93212, Acronis Cyber Protect Cloud Agent (Windows) before build 42183.

  • CVE-2026-33092HigApr 10, 2026
    risk 0.51cvss 7.8epss 0.00

    Local privilege escalation due to improper handling of environment variables. The following products are affected: Acronis True Image OEM (macOS) before build 42571, Acronis True Image (macOS) before build 42902.

  • CVE-2026-28727HigMar 6, 2026
    risk 0.51cvss 7.8epss 0.00

    Local privilege escalation due to insecure Unix socket permissions. The following products are affected: Acronis Cyber Protect 17 (macOS) before build 41186, Acronis Cyber Protect Cloud Agent (macOS) before build 41124, Acronis True Image (macOS) before build 42902.

  • CVE-2025-9578HigAug 28, 2025
    risk 0.51cvss 7.8epss 0.00

    Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 40734.

  • CVE-2024-34013HigJul 18, 2024
    risk 0.51cvss 7.8epss 0.01

    Local privilege escalation due to OS command injection vulnerability. The following products are affected: Acronis True Image (macOS) before build 41396, Acronis True Image OEM (macOS) before build 42571.

  • CVE-2023-48677HigDec 12, 2023
    risk 0.51cvss 7.8epss 0.00

    Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40901, Acronis Cyber Protect Cloud Agent (Windows) before build 39378, Acronis Cyber Protect 16 (Windows) before build…

  • CVE-2022-46869HigAug 31, 2023
    risk 0.51cvss 7.8epss 0.00

    Local privilege escalation during installation due to improper soft link handling. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40278, Acronis True Image OEM (Windows) before build 42575.

  • CVE-2023-41743HigAug 31, 2023
    risk 0.51cvss 7.8epss 0.00

    Local privilege escalation due to insecure driver communication port permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40278, Acronis Cyber Protect Cloud Agent (Windows) before build 31637, Acronis Cyber Protect 15…

  • CVE-2025-30415HigJun 4, 2025
    risk 0.49cvss 7.5epss 0.00

    Denial of service due to improper handling of malformed input. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 40077, Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186.

  • CVE-2023-5042HigSep 20, 2023
    risk 0.49cvss 7.5epss 0.00

    Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40713, Acronis True Image OEM (Windows) before build 42575.

  • CVE-2026-50033HigJun 3, 2026
    risk 0.47cvss 7.3epss 0.00

    Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.15051.93227.

  • CVE-2026-44682HigJun 3, 2026
    risk 0.47cvss 7.3epss 0.00

    Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.15051.93227.

  • CVE-2026-44609HigJun 3, 2026
    risk 0.47cvss 7.3epss 0.00

    Local privilege escalation due to EXE hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.15051.93227.

  • CVE-2026-42061HigJun 3, 2026
    risk 0.47cvss 7.3epss 0.00

    Local privilege escalation due to excessive permissions assigned to child processes. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.15051.93227.

  • CVE-2025-11178HigSep 30, 2025
    risk 0.47cvss 7.3epss 0.00

    Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image (Windows) before build 42386, Acronis True Image for Western Digital (Windows) before build 42636, Acronis True Image for SanDisk (Windows) before build 42679,…

  • CVE-2025-48963HigAug 28, 2025
    risk 0.47cvss 7.3epss 0.00

    Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 40296.

  • CVE-2025-48961HigJun 4, 2025
    risk 0.47cvss 7.3epss 0.00

    Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39938.

  • CVE-2023-48684HigApr 29, 2024
    risk 0.46cvss 7.1epss 0.00

    Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 37758, Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186.

  • CVE-2023-48683HigApr 29, 2024
    risk 0.46cvss 7.1epss 0.00

    Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 37758, Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 39169.

  • CVE-2026-33271MedApr 2, 2026
    risk 0.44cvss 6.7epss 0.00

    Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis True Image (Windows) before build 42902.

  • CVE-2026-28728MedApr 2, 2026
    risk 0.44cvss 6.7epss 0.00

    Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image (Windows) before build 42902.

  • CVE-2026-27774MedApr 2, 2026
    risk 0.44cvss 6.7epss 0.00

    Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image (Windows) before build 42902.

  • CVE-2025-48959MedJun 4, 2025
    risk 0.44cvss 6.7epss 0.00

    Local privilege escalation due to insecure file permissions. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 40077.

  • CVE-2025-30408MedApr 24, 2025
    risk 0.44cvss 6.7epss 0.00

    Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 39904, Acronis Cyber Protect 16 (Windows) before build 39938.

  • CVE-2025-24826MedJan 28, 2025
    risk 0.44cvss 6.7epss 0.00

    Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Snap Deploy (Windows) before build 4625.

  • CVE-2024-8766MedSep 16, 2024
    risk 0.44cvss 6.7epss 0.00

    Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 38235, Acronis Cyber Protect 16 (Windows) before build 39169.

  • CVE-2024-34011MedApr 29, 2024
    risk 0.44cvss 6.8epss 0.00

    Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 37758.

  • CVE-2025-24831MedJan 31, 2025
    risk 0.43cvss 6.6epss 0.00

    Local privilege escalation due to unquoted search path vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 39378.

  • CVE-2024-34016MedSep 16, 2024
    risk 0.42cvss 6.5epss 0.00

    Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 38235.

  • CVE-2025-30407MedMar 26, 2025
    risk 0.41cvss 6.3epss 0.00

    Local privilege escalation due to a binary hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 39713.

  • CVE-2025-24830MedJan 31, 2025
    risk 0.41cvss 6.3epss 0.00

    Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 39378.

  • CVE-2025-24829MedJan 31, 2025
    risk 0.41cvss 6.3epss 0.00

    Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 39378.

  • CVE-2025-24828MedJan 31, 2025
    risk 0.41cvss 6.3epss 0.00

    Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 39378.

  • CVE-2025-24827MedJan 31, 2025
    risk 0.41cvss 6.3epss 0.00

    Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 39378.

  • CVE-2024-56413MedJan 2, 2025
    risk 0.40cvss 6.1epss 0.00

    Missing session invalidation after user deletion. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39169.

  • CVE-2025-48960MedJun 4, 2025
    risk 0.38cvss 5.9epss 0.00

    Weak server key used for TLS encryption. The following products are affected: Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 39938.

  • CVE-2025-30409MedApr 24, 2025
    risk 0.36cvss 5.5epss 0.00

    Denial of service due to allocation of resources without limits. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 39904, Acronis Cyber Protect 17 (Windows) before build 41186.

  • CVE-2025-24832MedFeb 27, 2025
    risk 0.36cvss 5.5epss 0.00

    Arbitrary file overwrite during home directory recovery due to improper symbolic link handling. The following products are affected: Acronis Backup plugin for cPanel & WHM (Linux) before build 1.8.4.866, Acronis Backup plugin for cPanel & WHM (Linux) before build 1.9.1.892,…

  • CVE-2024-56414MedJan 2, 2025
    risk 0.36cvss 5.5epss 0.00

    Web installer integrity check used weak hash algorithm. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39169.

  • CVE-2024-49385MedJan 2, 2025
    risk 0.36cvss 5.5epss 0.00

    Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis True Image (Windows) before build 41736, Acronis True Image OEM (Windows) before build 42575.

  • CVE-2024-34014MedNov 11, 2024
    risk 0.36cvss 5.5epss 0.00

    Arbitrary file overwrite during recovery due to improper symbolic link handling. The following products are affected: Acronis Backup plugin for cPanel & WHM (Linux) before build 1.8.3.818, Acronis Backup plugin for cPanel & WHM (Linux) before build 1.9.1.892, Acronis Backup…

  • CVE-2024-8903MedSep 23, 2024
    risk 0.31cvss 4.7epss 0.00

    Local active protection service settings manipulation due to unnecessary privileges assignment. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows, macOS) before build 38565.

  • CVE-2024-55542MedJan 2, 2025
    risk 0.29cvss 4.4epss 0.00

    Local privilege escalation due to excessive permissions assigned to Tray Monitor service. The following products are affected: Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 39169, Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 35895.

Page 1 of 5