Vendor CVEs
Acronis
All CVEs
218 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-30410 | Cri | 0.64 | 9.8 | 0.01 | Feb 20, 2026 | Sensitive data disclosure and manipulation due to missing authentication. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 39870, Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 39938, Acronis Cyber Protect… | ||
| CVE-2024-8767 | Cri | 0.64 | 9.9 | 0.00 | Sep 17, 2024 | Sensitive data disclosure and manipulation due to unnecessary privileges assignment. The following products are affected: Acronis Backup plugin for cPanel & WHM (Linux) before build 619, Acronis Backup extension for Plesk (Linux) before build 555, Acronis Backup plugin for… | ||
| CVE-2023-44208 | Cri | 0.59 | 9.1 | 0.00 | Oct 4, 2023 | Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40713, Acronis True Image OEM (Windows) before build 42575. | ||
| CVE-2025-7779 | Hig | 0.57 | 8.8 | 0.00 | Sep 30, 2025 | Local privilege escalation due to insecure XPC service configuration. The following products are affected: Acronis True Image (macOS) before build 42389, Acronis True Image for SanDisk (macOS) before build 42198, Acronis True Image for Western Digital (macOS) before build 42197,… | ||
| CVE-2017-3219 | Hig | 0.57 | 8.8 | 0.00 | Jun 21, 2017 | Acronis True Image up to and including version 2017 Build 8053 performs software updates using HTTP. Downloaded updates are only verified using a server-provided MD5 hash. | ||
| CVE-2024-34010 | Hig | 0.53 | 8.2 | 0.00 | Apr 29, 2024 | Local privilege escalation due to unquoted search path vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 37758, Acronis Cyber Protect 16 (Windows) before build 38690, Acronis True Image (Windows) before build 42386,… | ||
| CVE-2026-41952 | Hig | 0.51 | 7.8 | 0.00 | Apr 29, 2026 | Local privilege escalation due to improper input validation. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.93212, Acronis Cyber Protect Cloud Agent (Windows) before build 42183. | ||
| CVE-2026-41220 | Hig | 0.51 | 7.8 | 0.00 | Apr 29, 2026 | Local privilege escalation due to improper input validation. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.93212, Acronis Cyber Protect Cloud Agent (Windows) before build 42183. | ||
| CVE-2026-33092 | Hig | 0.51 | 7.8 | 0.00 | Apr 10, 2026 | Local privilege escalation due to improper handling of environment variables. The following products are affected: Acronis True Image OEM (macOS) before build 42571, Acronis True Image (macOS) before build 42902. | ||
| CVE-2026-28727 | Hig | 0.51 | 7.8 | 0.00 | Mar 6, 2026 | Local privilege escalation due to insecure Unix socket permissions. The following products are affected: Acronis Cyber Protect 17 (macOS) before build 41186, Acronis Cyber Protect Cloud Agent (macOS) before build 41124, Acronis True Image (macOS) before build 42902. | ||
| CVE-2025-9578 | Hig | 0.51 | 7.8 | 0.00 | Aug 28, 2025 | Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 40734. | ||
| CVE-2024-34013 | Hig | 0.51 | 7.8 | 0.01 | Jul 18, 2024 | Local privilege escalation due to OS command injection vulnerability. The following products are affected: Acronis True Image (macOS) before build 41396, Acronis True Image OEM (macOS) before build 42571. | ||
| CVE-2023-48677 | Hig | 0.51 | 7.8 | 0.00 | Dec 12, 2023 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40901, Acronis Cyber Protect Cloud Agent (Windows) before build 39378, Acronis Cyber Protect 16 (Windows) before build… | ||
| CVE-2022-46869 | Hig | 0.51 | 7.8 | 0.00 | Aug 31, 2023 | Local privilege escalation during installation due to improper soft link handling. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40278, Acronis True Image OEM (Windows) before build 42575. | ||
| CVE-2023-41743 | Hig | 0.51 | 7.8 | 0.00 | Aug 31, 2023 | Local privilege escalation due to insecure driver communication port permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40278, Acronis Cyber Protect Cloud Agent (Windows) before build 31637, Acronis Cyber Protect 15… | ||
| CVE-2025-30415 | Hig | 0.49 | 7.5 | 0.00 | Jun 4, 2025 | Denial of service due to improper handling of malformed input. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 40077, Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186. | ||
| CVE-2023-5042 | Hig | 0.49 | 7.5 | 0.00 | Sep 20, 2023 | Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40713, Acronis True Image OEM (Windows) before build 42575. | ||
| CVE-2026-50033 | Hig | 0.47 | 7.3 | 0.00 | Jun 3, 2026 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.15051.93227. | ||
| CVE-2026-44682 | Hig | 0.47 | 7.3 | 0.00 | Jun 3, 2026 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.15051.93227. | ||
| CVE-2026-44609 | Hig | 0.47 | 7.3 | 0.00 | Jun 3, 2026 | Local privilege escalation due to EXE hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.15051.93227. | ||
| CVE-2026-42061 | Hig | 0.47 | 7.3 | 0.00 | Jun 3, 2026 | Local privilege escalation due to excessive permissions assigned to child processes. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.15051.93227. | ||
| CVE-2025-11178 | Hig | 0.47 | 7.3 | 0.00 | Sep 30, 2025 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image (Windows) before build 42386, Acronis True Image for Western Digital (Windows) before build 42636, Acronis True Image for SanDisk (Windows) before build 42679,… | ||
| CVE-2025-48963 | Hig | 0.47 | 7.3 | 0.00 | Aug 28, 2025 | Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 40296. | ||
| CVE-2025-48961 | Hig | 0.47 | 7.3 | 0.00 | Jun 4, 2025 | Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39938. | ||
| CVE-2023-48684 | Hig | 0.46 | 7.1 | 0.00 | Apr 29, 2024 | Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 37758, Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186. | ||
| CVE-2023-48683 | Hig | 0.46 | 7.1 | 0.00 | Apr 29, 2024 | Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 37758, Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 39169. | ||
| CVE-2026-33271 | Med | 0.44 | 6.7 | 0.00 | Apr 2, 2026 | Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis True Image (Windows) before build 42902. | ||
| CVE-2026-28728 | Med | 0.44 | 6.7 | 0.00 | Apr 2, 2026 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image (Windows) before build 42902. | ||
| CVE-2026-27774 | Med | 0.44 | 6.7 | 0.00 | Apr 2, 2026 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image (Windows) before build 42902. | ||
| CVE-2025-48959 | Med | 0.44 | 6.7 | 0.00 | Jun 4, 2025 | Local privilege escalation due to insecure file permissions. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 40077. | ||
| CVE-2025-30408 | Med | 0.44 | 6.7 | 0.00 | Apr 24, 2025 | Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 39904, Acronis Cyber Protect 16 (Windows) before build 39938. | ||
| CVE-2025-24826 | Med | 0.44 | 6.7 | 0.00 | Jan 28, 2025 | Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Snap Deploy (Windows) before build 4625. | ||
| CVE-2024-8766 | Med | 0.44 | 6.7 | 0.00 | Sep 16, 2024 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 38235, Acronis Cyber Protect 16 (Windows) before build 39169. | ||
| CVE-2024-34011 | Med | 0.44 | 6.8 | 0.00 | Apr 29, 2024 | Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 37758. | ||
| CVE-2025-24831 | Med | 0.43 | 6.6 | 0.00 | Jan 31, 2025 | Local privilege escalation due to unquoted search path vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 39378. | ||
| CVE-2024-34016 | Med | 0.42 | 6.5 | 0.00 | Sep 16, 2024 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 38235. | ||
| CVE-2025-30407 | Med | 0.41 | 6.3 | 0.00 | Mar 26, 2025 | Local privilege escalation due to a binary hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 39713. | ||
| CVE-2025-24830 | Med | 0.41 | 6.3 | 0.00 | Jan 31, 2025 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 39378. | ||
| CVE-2025-24829 | Med | 0.41 | 6.3 | 0.00 | Jan 31, 2025 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 39378. | ||
| CVE-2025-24828 | Med | 0.41 | 6.3 | 0.00 | Jan 31, 2025 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 39378. | ||
| CVE-2025-24827 | Med | 0.41 | 6.3 | 0.00 | Jan 31, 2025 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 39378. | ||
| CVE-2024-56413 | Med | 0.40 | 6.1 | 0.00 | Jan 2, 2025 | Missing session invalidation after user deletion. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39169. | ||
| CVE-2025-48960 | Med | 0.38 | 5.9 | 0.00 | Jun 4, 2025 | Weak server key used for TLS encryption. The following products are affected: Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 39938. | ||
| CVE-2025-30409 | Med | 0.36 | 5.5 | 0.00 | Apr 24, 2025 | Denial of service due to allocation of resources without limits. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 39904, Acronis Cyber Protect 17 (Windows) before build 41186. | ||
| CVE-2025-24832 | Med | 0.36 | 5.5 | 0.00 | Feb 27, 2025 | Arbitrary file overwrite during home directory recovery due to improper symbolic link handling. The following products are affected: Acronis Backup plugin for cPanel & WHM (Linux) before build 1.8.4.866, Acronis Backup plugin for cPanel & WHM (Linux) before build 1.9.1.892,… | ||
| CVE-2024-56414 | Med | 0.36 | 5.5 | 0.00 | Jan 2, 2025 | Web installer integrity check used weak hash algorithm. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39169. | ||
| CVE-2024-49385 | Med | 0.36 | 5.5 | 0.00 | Jan 2, 2025 | Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis True Image (Windows) before build 41736, Acronis True Image OEM (Windows) before build 42575. | ||
| CVE-2024-34014 | Med | 0.36 | 5.5 | 0.00 | Nov 11, 2024 | Arbitrary file overwrite during recovery due to improper symbolic link handling. The following products are affected: Acronis Backup plugin for cPanel & WHM (Linux) before build 1.8.3.818, Acronis Backup plugin for cPanel & WHM (Linux) before build 1.9.1.892, Acronis Backup… | ||
| CVE-2024-8903 | Med | 0.31 | 4.7 | 0.00 | Sep 23, 2024 | Local active protection service settings manipulation due to unnecessary privileges assignment. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows, macOS) before build 38565. | ||
| CVE-2024-55542 | Med | 0.29 | 4.4 | 0.00 | Jan 2, 2025 | Local privilege escalation due to excessive permissions assigned to Tray Monitor service. The following products are affected: Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 39169, Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 35895. |
- risk 0.64cvss 9.8epss 0.01
Sensitive data disclosure and manipulation due to missing authentication. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 39870, Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 39938, Acronis Cyber Protect…
- risk 0.64cvss 9.9epss 0.00
Sensitive data disclosure and manipulation due to unnecessary privileges assignment. The following products are affected: Acronis Backup plugin for cPanel & WHM (Linux) before build 619, Acronis Backup extension for Plesk (Linux) before build 555, Acronis Backup plugin for…
- risk 0.59cvss 9.1epss 0.00
Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40713, Acronis True Image OEM (Windows) before build 42575.
- risk 0.57cvss 8.8epss 0.00
Local privilege escalation due to insecure XPC service configuration. The following products are affected: Acronis True Image (macOS) before build 42389, Acronis True Image for SanDisk (macOS) before build 42198, Acronis True Image for Western Digital (macOS) before build 42197,…
- risk 0.57cvss 8.8epss 0.00
Acronis True Image up to and including version 2017 Build 8053 performs software updates using HTTP. Downloaded updates are only verified using a server-provided MD5 hash.
- risk 0.53cvss 8.2epss 0.00
Local privilege escalation due to unquoted search path vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 37758, Acronis Cyber Protect 16 (Windows) before build 38690, Acronis True Image (Windows) before build 42386,…
- risk 0.51cvss 7.8epss 0.00
Local privilege escalation due to improper input validation. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.93212, Acronis Cyber Protect Cloud Agent (Windows) before build 42183.
- risk 0.51cvss 7.8epss 0.00
Local privilege escalation due to improper input validation. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.93212, Acronis Cyber Protect Cloud Agent (Windows) before build 42183.
- risk 0.51cvss 7.8epss 0.00
Local privilege escalation due to improper handling of environment variables. The following products are affected: Acronis True Image OEM (macOS) before build 42571, Acronis True Image (macOS) before build 42902.
- risk 0.51cvss 7.8epss 0.00
Local privilege escalation due to insecure Unix socket permissions. The following products are affected: Acronis Cyber Protect 17 (macOS) before build 41186, Acronis Cyber Protect Cloud Agent (macOS) before build 41124, Acronis True Image (macOS) before build 42902.
- risk 0.51cvss 7.8epss 0.00
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 40734.
- risk 0.51cvss 7.8epss 0.01
Local privilege escalation due to OS command injection vulnerability. The following products are affected: Acronis True Image (macOS) before build 41396, Acronis True Image OEM (macOS) before build 42571.
- risk 0.51cvss 7.8epss 0.00
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40901, Acronis Cyber Protect Cloud Agent (Windows) before build 39378, Acronis Cyber Protect 16 (Windows) before build…
- risk 0.51cvss 7.8epss 0.00
Local privilege escalation during installation due to improper soft link handling. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40278, Acronis True Image OEM (Windows) before build 42575.
- risk 0.51cvss 7.8epss 0.00
Local privilege escalation due to insecure driver communication port permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40278, Acronis Cyber Protect Cloud Agent (Windows) before build 31637, Acronis Cyber Protect 15…
- risk 0.49cvss 7.5epss 0.00
Denial of service due to improper handling of malformed input. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 40077, Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186.
- risk 0.49cvss 7.5epss 0.00
Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40713, Acronis True Image OEM (Windows) before build 42575.
- risk 0.47cvss 7.3epss 0.00
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.15051.93227.
- risk 0.47cvss 7.3epss 0.00
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.15051.93227.
- risk 0.47cvss 7.3epss 0.00
Local privilege escalation due to EXE hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.15051.93227.
- risk 0.47cvss 7.3epss 0.00
Local privilege escalation due to excessive permissions assigned to child processes. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.15051.93227.
- risk 0.47cvss 7.3epss 0.00
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image (Windows) before build 42386, Acronis True Image for Western Digital (Windows) before build 42636, Acronis True Image for SanDisk (Windows) before build 42679,…
- risk 0.47cvss 7.3epss 0.00
Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 40296.
- risk 0.47cvss 7.3epss 0.00
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39938.
- risk 0.46cvss 7.1epss 0.00
Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 37758, Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186.
- risk 0.46cvss 7.1epss 0.00
Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 37758, Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 39169.
- risk 0.44cvss 6.7epss 0.00
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis True Image (Windows) before build 42902.
- risk 0.44cvss 6.7epss 0.00
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image (Windows) before build 42902.
- risk 0.44cvss 6.7epss 0.00
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image (Windows) before build 42902.
- risk 0.44cvss 6.7epss 0.00
Local privilege escalation due to insecure file permissions. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 40077.
- risk 0.44cvss 6.7epss 0.00
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 39904, Acronis Cyber Protect 16 (Windows) before build 39938.
- risk 0.44cvss 6.7epss 0.00
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Snap Deploy (Windows) before build 4625.
- risk 0.44cvss 6.7epss 0.00
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 38235, Acronis Cyber Protect 16 (Windows) before build 39169.
- risk 0.44cvss 6.8epss 0.00
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 37758.
- risk 0.43cvss 6.6epss 0.00
Local privilege escalation due to unquoted search path vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 39378.
- risk 0.42cvss 6.5epss 0.00
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 38235.
- risk 0.41cvss 6.3epss 0.00
Local privilege escalation due to a binary hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 39713.
- risk 0.41cvss 6.3epss 0.00
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 39378.
- risk 0.41cvss 6.3epss 0.00
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 39378.
- risk 0.41cvss 6.3epss 0.00
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 39378.
- risk 0.41cvss 6.3epss 0.00
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 39378.
- risk 0.40cvss 6.1epss 0.00
Missing session invalidation after user deletion. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39169.
- risk 0.38cvss 5.9epss 0.00
Weak server key used for TLS encryption. The following products are affected: Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 39938.
- risk 0.36cvss 5.5epss 0.00
Denial of service due to allocation of resources without limits. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 39904, Acronis Cyber Protect 17 (Windows) before build 41186.
- risk 0.36cvss 5.5epss 0.00
Arbitrary file overwrite during home directory recovery due to improper symbolic link handling. The following products are affected: Acronis Backup plugin for cPanel & WHM (Linux) before build 1.8.4.866, Acronis Backup plugin for cPanel & WHM (Linux) before build 1.9.1.892,…
- risk 0.36cvss 5.5epss 0.00
Web installer integrity check used weak hash algorithm. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39169.
- risk 0.36cvss 5.5epss 0.00
Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis True Image (Windows) before build 41736, Acronis True Image OEM (Windows) before build 42575.
- risk 0.36cvss 5.5epss 0.00
Arbitrary file overwrite during recovery due to improper symbolic link handling. The following products are affected: Acronis Backup plugin for cPanel & WHM (Linux) before build 1.8.3.818, Acronis Backup plugin for cPanel & WHM (Linux) before build 1.9.1.892, Acronis Backup…
- risk 0.31cvss 4.7epss 0.00
Local active protection service settings manipulation due to unnecessary privileges assignment. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows, macOS) before build 38565.
- risk 0.29cvss 4.4epss 0.00
Local privilege escalation due to excessive permissions assigned to Tray Monitor service. The following products are affected: Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 39169, Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 35895.
Page 1 of 5