CVE-2024-55538
published 2025-01-02CVE-2024-55538: Sensitive information disclosure due to missing authentication. The following products are affected: Acronis True Image (macOS) before build 41725, Acronis…
PriorityP416medium4CVSS 3.0
AVLACLPRNUINSUCLINAN
EPSS
0.18%
7.3th percentile
Sensitive information disclosure due to missing authentication. The following products are affected: Acronis True Image (macOS) before build 41725, Acronis True Image (Windows) before build 41736, Acronis True Image OEM (macOS) before build 42571, Acronis True Image OEM (Windows) before build 42575.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| acronis | acronis_true_image | >= unspecified < 41725 | 41725 |
| acronis | acronis_true_image | >= unspecified < 41736 | 41736 |
| acronis | acronis_true_image_oem | >= unspecified < 42571 | 42571 |
| acronis | acronis_true_image_oem | >= unspecified < 42575 | 42575 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
Acronis True Image missing authentication
vuldb·2026-04-15·CVSS 4.0
CVE-2024-55538 [MEDIUM] Acronis True Image missing authentication
A vulnerability classified as critical has been found in Acronis True Image. This impacts an unknown function. Performing a manipulation results in missing authentication.
This vulnerability is cataloged as CVE-2024-55538. The attack must be initiated from a local position. There is no exploit available.
It is recommended to upgrade the affected component.
GHSA
GHSA-wjv5-m9xx-wpj6: Sensitive information disclosure due to missing authentication
ghsa_unreviewed·2025-01-02
CVE-2024-55538 [MEDIUM] CWE-306 GHSA-wjv5-m9xx-wpj6: Sensitive information disclosure due to missing authentication
Sensitive information disclosure due to missing authentication. The following products are affected: Acronis True Image (macOS) before build 41725, Acronis True Image (Windows) before build 41736.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-01-02
Published