Acronis Acronis Cyber Protect 17
28 CVEs affecting Acronis Acronis Cyber Protect 17. Latest disclosed: 2026-03-05. Critical: 0, High: 8.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-28710 | High | 8.1 | 2026-03-05 | Sensitive information disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows… |
CVE-2026-28727 | High | 7.8 | 2026-03-05 | Local privilege escalation due to insecure Unix socket permissions. The following products are affected: Acronis Cyber Protect 17 (macOS) before build 41186, A… |
CVE-2025-30415 | High | 7.5 | 2025-06-04 | Denial of service due to improper handling of malformed input. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) b… |
CVE-2026-28722 | High | 7.3 | 2026-03-05 | Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186. |
CVE-2026-28721 | High | 7.3 | 2026-03-05 | Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186. |
CVE-2023-44210 | High | 7.3 | 2023-10-04 | Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux… |
CVE-2026-28713 | High | 7.1 | 2026-03-05 | Default credentials set for local privileged user in Virtual Appliance. The following products are affected: Acronis Cyber Protect Cloud Agent (VMware) before… |
CVE-2023-48684 | High | 7.1 | 2024-04-29 | Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux… |
CVE-2026-28715 | Medium | 6.5 | 2026-03-05 | Sensitive information disclosure due to improper authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before bu… |
CVE-2026-28712 | Medium | 6.3 | 2026-03-05 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186. |
CVE-2026-28711 | Medium | 6.3 | 2026-03-05 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186. |
CVE-2023-44209 | Medium | 5.6 | 2023-10-04 | Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) b… |
CVE-2026-28725 | Medium | 5.5 | 2026-03-05 | Sensitive information disclosure due to improper configuration of a headless browser. The following products are affected: Acronis Cyber Protect 17 (Linux, Win… |
CVE-2025-11791 | Medium | 5.5 | 2026-03-05 | Sensitive information disclosure and manipulation due to insufficient authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linu… |
CVE-2025-30409 | Medium | 5.5 | 2025-04-24 | Denial of service due to allocation of resources without limits. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build… |
CVE-2023-45243 | Medium | 5.5 | 2023-10-05 | Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) b… |
CVE-2023-45242 | Medium | 5.5 | 2023-10-05 | Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) b… |
CVE-2026-28718 | Medium | 5.3 | 2026-03-05 | Denial of service due to insufficient input validation in authentication logging. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows… |
CVE-2026-28717 | Medium | 5.0 | 2026-03-05 | Local privilege escalation due to improper directory permissions. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186. |
CVE-2026-28714 | Medium | 4.8 | 2026-03-05 | Unnecessary transmission of sensitive cryptographic material. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186. |