45 matches found
CVE-2023-44213
CVE-2023-44213 affects Acronis Cyber Protect Cloud Agent (Windows) before build 35739 and Acronis Cyber Protect 16 (Windows) before build 37391. Root cause: excessive collection of system information leading to sensitive information disclosure. Impact (as stated): disclosure of sensitive informat...
CVE-2023-45241
CVE-2023-45241 affects Acronis products with a sensitive information leak through log files. Affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 35739 and Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 37391. Several connected sources confirm the issue ...
CVE-2023-44211
The CVE-2023-44211 issue involves missing authorization allowing sensitive information disclosure and manipulation in Acronis products. Affected are: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 31637; Acronis Cyber Protect 16 (Linux, Windows) before build 37391. Root ca...
CVE-2023-45248
CVE-2023-45248 describes a local privilege escalation caused by a DLL hijacking flaw in Acronis products. Affected: Acronis Cyber Protect Cloud Agent (Windows) before build 36497; Acronis Cyber Protect 16 (Windows) before build 37391. Root cause: DLL hijacking leading to an uncontrolled search pa...
CVE-2023-45244
CVE-2023-45244 describes a sensitive information disclosure and manipulation vulnerability due to missing authorization in several Acronis products. Affected: Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 35895; Cyber Protect 16 (Linux, macOS, Windows) before build 37391; and Acr...
CVE-2022-30990
CVE-2022-30990 involves an information-disclosure vulnerability caused by insecure folder permissions in Acronis Cyber Protect 15 (Linux) before build 29240 and Acronis Agent (Linux) before build 28037. The issue’s root cause is improper access control on directories leading to exposure of sensit...
CVE-2023-45246
The CVE-2023-45246 issue affects Acronis products: Cyber Protect Cloud Agent (Linux/macOS/Windows) before build 36343 and Cyber Protect 16 before build 39169. It stems from missing/improper authentication, enabling sensitive information disclosure and manipulation (confidentiality and integrity i...
CVE-2023-45240
CVE-2023-45240 affects Acronis Agent on Linux, macOS and Windows (prior to build 35739). The root cause is missing authorization, leading to potentially sensitive information disclosure. Impact is confined to confidentiality (High) per CVSS data; exploitation details are not provided in the docum...
CVE-2023-45247
CVE-2023-45247 affects Acronis Cyber Protect Cloud Agent (Linux/macOS/Windows) before build 36497 and Acronis Cyber Protect 16 before build 39169 (also Acronis Agent variants before 36497 per PT-2023-5801). The vulnerability stems from missing authorization, enabling sensitive information disclos...
CVE-2023-44212
CVE-2023-44212 affects Acronis Agent (Linux, macOS, Windows) prior to build 31477. The issue is sensitive information disclosure and manipulation due to missing authorization. Exploitation status is not documented in the provided sources. Impact is described as HIGH for confidentiality and integr...
CVE-2021-44204
The CVE-2021-44204 entry concerns a local privilege escalation via named pipes caused by improper access control checks. Affected Windows products and builds include: Acronis Cyber Protect 15 before 28035, Acronis Agent before 27147, Acronis Cyber Protect Home Office before 39612, and Acronis Tru...
CVE-2022-45454
CVE-2022-45454 affects Acronis Agent (Windows) before build 30161 and Acronis Cyber Protect 15 (Windows) before build 30984. Root cause is insecure folder permissions, causing potential disclosure of sensitive information. Affected products: Acronis Agent (Windows) prior to 30161; Acronis Cyber P...
CVE-2023-45243
CVE-2023-45243 affects Acronis Agent (Linux, macOS, Windows) before build 35739. Root cause: missing authorization leads to sensitive information disclosure. Impact: confidentiality exposure (HIGH). Public references show a patch/update to build 35739 or later as remediation; follow vendor adviso...
CVE-2023-41745
CVE-2023-41745 affects Acronis Agent (Linux, macOS, Windows) before build 30991 and Acronis Cyber Protect 15 before build 35979. The underlying issue is excessive collection of system information, causing disclosure of sensitive data. Exploitation details are not provided in the connected documen...
CVE-2022-45451
CVE-2022-45451 is a local privilege escalation affecting Acronis products on Windows due to insecure driver communication port permissions. Affected: Acronis Cyber Protect Home Office (before build 40173), Acronis Agent (before 30600), and Acronis Cyber Protect 15 (before 30984). Root cause: inse...
CVE-2022-45455
CVE-2022-45455 affects Acronis Cyber Protect Home Office (Windows) before build 40107, Acronis Agent (Windows) before build 30025, and Acronis Cyber Protect 15 (Windows) before build 30984. The issue is a local privilege escalation caused by incomplete uninstall cleanup, allowing an attacker to e...
CVE-2023-41743
The CVE-2023-41743 issue is a local privilege escalation in Acronis products due to insecure driver communication port permissions. Affected: Acronis Cyber Protect Home Office (Windows) < build 40278; Acronis Agent (Windows) < build 31637; Acronis Cyber Protect 15 (Windows)
CVE-2023-44214
CVE-2023-44214 affects Acronis Agent on Linux, macOS, and Windows prior to build 35739. Root cause: missing authorization leads to sensitive information disclosure with high confidentiality impact. Local access required (per CVSS) and no explicit exploitation details are provided in the CVE entry...
CVE-2022-24113
CVE-2022-24113 : Local privilege escalation due to excessive permissions assigned to child processes. Affects Windows versions of Acronis products listed in the CVE: Acronis Cyber Protect 15 (before 28035), Acronis Agent (before 27147), Acronis Cyber Protect Home Office (before 39612), and Acroni...
CVE-2023-41742
The CVE-2023-41742 issue affects Acronis Agent (Linux, macOS, Windows) prior to build 30430 and Acronis Cyber Protect 15 prior to build 35979. Root cause: binding to an unrestricted IP address, resulting in an excessive attack surface. Impact as described: CVSSv3 base score 7.5 (Network, High). R...
CVE-2023-45242
CVE-2023-45242 describes a sensitive information disclosure due to missing authorization in the Acronis Agent across Linux, macOS, and Windows prior to build 35739. Connected sources confirm the root cause as authorization failures that permit exposure of protected data, with a base CVSS v3.1 sco...
CVE-2020-14999
CVE-2020-14999 affects Acronis Agent’s system monitoring driver, where a logic bug allowed bypassing Windows memory protection and accessing sensitive data. Publicly documented affected range is 12.5.21540 through 12.5.23093; a fix appears in 12.5.23094. The issue is described across multiple sou...
CVE-2023-41751
CVE-2023-41751 affects Acronis Agent (Windows) before build 32047. The root cause is improper token expiration validation, enabling potential disclosure of sensitive information (confidentiality impact: HIGH). The vulnerability is local in nature (attack vector: LOCAL) with low privileges require...
CVE-2021-44199
CVE-2021-44199 involves a DLL hijacking vulnerability that could cause a denial of service. Affected products (Windows): Acronis Cyber Protect 15 before build 28035 , Acronis Agent before build 27305 , and Acronis Cyber Protect Home Office before build 39612 . The provided documents confirm the v...
CVE-2023-4688
The CVE-2023-4688 entry affects Acronis Agent on Linux, macOS, and Windows, with vulnerable prior to build 35433. Root cause cited across connected docs is insufficient protection of registration data, producing a sensitive information leak via log files. Impact is described as disclosure of logs...
CVE-2022-45459
CVE-2022-45459 involves a vulnerability in Acronis Agent (Windows) and Acronis Cyber Protect 15 (Windows) caused by insecure registry permissions, enabling potential disclosure of sensitive information. Affected versions are Acronis Agent before build 30025 and Acronis Cyber Protect 15 before bui...
CVE-2023-45245
CVE-2023-45245 concerns Acronis Agent (Linux, macOS, Windows) prior to build 36119. Reported as a missing authorization leading to sensitive information disclosure. Affected component: the agent software that handles access to protected data; root cause stated as unauthorized access allowing disc...
CVE-2023-41744
CVE-2023-41744 : Local privilege escalation due to unrestricted loading of unsigned libraries. Affected on macOS: Acronis Agent before build 30600, and Acronis Cyber Protect 15 before build 35979. Root cause: unsigned libraries loaded without restriction. Impact: local attacker could escalate pri...
CVE-2023-44209
CVE-2023-44209 affects Acronis Agent (Linux, macOS, Windows) prior to build 29051. Root cause is improper handling of soft links, enabling local privilege escalation with the stated impact on confidentiality, integrity, and availability. Documentation provides the affected product and build range...
CVE-2023-44210
CVE-2023-44210 affects Acronis Agent on Linux, macOS, and Windows with builds before 29258 . The root cause is missing authorization, enabling sensitive information disclosure and manipulation . Public details in connected sources confirm vulnerable versions and the specific build to remediate. T...
CVE-2022-45458
CVE-2022-45458 affects Acronis Agent (Windows/macOS/Linux) prior to build 29633 and Acronis Cyber Protect 15 prior to build 30984. The issue arises from improper certification validation, enabling sensitive information disclosure (and manipulation) with no user interaction. Acronis lists the fix ...
CVE-2021-34800
CVE-2021-34800 affects Acronis Agent (Windows, Linux, macOS) prior to build 27147. The vulnerability is an information disclosure where sensitive product details are logged in log files. Connected sources confirm affected builds and describe the issue as a log information disclosure; no exploitat...
CVE-2023-41750
CVE-2023-41750 affects Acronis Agent on Linux, macOS, Windows prior to build 32047 . The root cause is missing authorization , causing sensitive information disclosure . Documents consistently tie the issue to protected information exposure via the agent. Exploitation status is not detailed in th...
CVE-2022-45456
CVE-2022-45456 affects Acronis Agent (Windows, macOS, Linux) prior to build 30161. The vulnerability stems from an unauthenticated API endpoint that can lead to denial of service. Documented impact is a DoS with availability impact; exploitation status is not shown in the supplied sources. Multip...
CVE-2023-48676
Acronis Cyber Protect Cloud Agent (Windows) prior to build 36943 is affected by a missing authorization vulnerability that can lead to sensitive information disclosure and manipulation. The issue is associated with unauthorized access to protected data on the agent. Remediation: upgrade to build ...
CVE-2022-45450
CVE-2022-45450 affects Acronis Agent (Linux, macOS, Windows) before build 28610 and Acronis Cyber Protect 15 before build 30984. Root cause: improper authorization leading to sensitive information disclosure. Documented impact: disclosure (confidentiality) and manipulation; no exploitation detail...
CVE-2022-45452
CVE-2022-45452 affects Acronis Agent (Windows) before build 30430 and Acronis Cyber Protect 15 (Windows) before build 30984. The root cause is insecure folder permissions enabling local privilege escalation. The issue is documented with explicit vulnerable products/versions and remediation guidan...
CVE-2023-41749
CVE-2023-41749 concerns an information-disclosure in Acronis Agent (Windows) prior to build 32047 and Acronis Cyber Protect 15 prior to build 35979. The root cause is excessive collection of system information, leading to exposure of sensitive data. Affected products/components: Acronis Agent and...
CVE-2022-45457
CVE-2022-45457 affects Acronis Agent (Windows) before build 29633 and Acronis Cyber Protect 15 (Windows) before build 30984. The root cause is improper certification validation, leading to sensitive information disclosure and manipulation. Public sources consistently describe this as a certificat...
CVE-2025-11790
The CVE concerns Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) prior to build 41124, where credentials are not deleted after plan revocation. Affected components: the Acronis Agent software. Root cause: data persistence of credentials after revocation is not addressed (per CVE notes)....
CVE-2026-28713
CVE-2026-28713 concerns default credentials assigned to a local privileged user in a Virtual Appliance. Affected are: Acronis Cyber Protect Cloud Agent (VMware) before build 36943, and Acronis Cyber Protect 17 (VMware) before build 41186. The vulnerability allows high impact on confidentiality an...
CVE-2026-28727
CVE-2026-28727 : Local privilege escalation caused by insecure Unix socket permissions. Affected on macOS: Acronis Cyber Protect 17 before build 41186 and Acronis Cyber Protect Cloud Agent before build 41124. The CVSS vector indicates LOCAL access, low privileges required, no user interaction, wi...
CVE-2025-11792
The CVE-2025-11792 entry affects Acronis Cyber Protect Cloud Agent on Windows, vulnerable prior to build 41124, due to DLL hijacking enabling local privilege escalation. The issue is a local exploit with high impact on confidentiality, integrity, and availability as per CVSS v3.0: AV:L/AC:L/PR:L/...
CVE-2025-11791
CVE-2025-11791 affects Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186 and Acronis Cyber Protect Cloud Agent before build 41124. The root cause is insufficient authorization checks, yielding potential sensitive information disclosure and manipulation. In Red Hat, NVD, ENISA, a...
CVE-2025-30413
CVE-2025-30413 affects Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 40497 and Acronis Cyber Protect 17 before build 41186. The issue: credentials are not deleted from the Acronis Agent after plan revocation. Impact per CVSSv3: Confidentiality High, Integrity None, Availa...