cbcvebase.

Acronis Cyber Protect 15 vulnerabilities

47 known vulnerabilities affecting acronis/acronis_cyber_protect_15.

Total CVEs
47
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
CRITICAL6HIGH28MEDIUM13

Vulnerabilities

Page 1 of 3
CVE-2022-3405P3HIGHCVSS 8.8PoC≥ unspecified, < 294862023-05-03
CVE-2022-3405 [HIGH] CWE-269 CVE-2022-3405: Code execution and sensitive information disclosure due to excessive privileges assigned to Acronis Code execution and sensitive information disclosure due to excessive privileges assigned to Acronis Agent. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 29486, Acronis Cyber Backup 12.5 (Windows, Linux) before build 16545.
nvd
CVE-2022-30995P3HIGHCVSS 7.5PoC≥ unspecified, < 294862023-05-03
CVE-2022-30995 [HIGH] CWE-287 CVE-2022-30995: Sensitive information disclosure due to improper authentication. The following products are affected Sensitive information disclosure due to improper authentication. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 29486, Acronis Cyber Backup 12.5 (Windows, Linux) before build 16545.
nvd
CVE-2025-30411P2CRITICALCVSS 10.0≥ unspecified, < 418002026-02-20
CVE-2025-30411 [CRITICAL] CWE-1390 CVE-2025-30411: Sensitive data disclosure and manipulation due to improper authentication. The following products ar Sensitive data disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39938, Acronis Cyber Protect 15 (Linux, Windows) before build 41800.
nvd
CVE-2025-30412P2CRITICALCVSS 10.0≥ unspecified, < 418002026-02-20
CVE-2025-30412 [CRITICAL] CWE-1390 CVE-2025-30412: Sensitive data disclosure and manipulation due to improper authentication. The following products ar Sensitive data disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39938, Acronis Cyber Protect 15 (Linux, Windows) before build 41800.
nvd
CVE-2025-30416P2CRITICALCVSS 10.0≥ unspecified, < 418002026-02-20
CVE-2025-30416 [CRITICAL] CWE-862 CVE-2025-30416: Sensitive data disclosure and manipulation due to missing authorization. The following products are Sensitive data disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39938, Acronis Cyber Protect 15 (Linux, Windows) before build 41800.
nvd
CVE-2025-30410P3CRITICALCVSS 9.8≥ unspecified, < 418002026-02-20
CVE-2025-30410 [CRITICAL] CWE-306 CVE-2025-30410: Sensitive data disclosure and manipulation due to missing authentication. The following products are Sensitive data disclosure and manipulation due to missing authentication. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 39870, Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 39938, Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 41800.
nvd
CVE-2023-44152P3CRITICALCVSS 9.1≥ unspecified, < 359792023-09-27
CVE-2023-44152 [CRITICAL] CWE-306 CVE-2023-44152: Sensitive information disclosure and manipulation due to improper authentication. The following prod Sensitive information disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 35979.
nvd
CVE-2023-44206P3CRITICALCVSS 9.1≥ unspecified, < 359792023-09-27
CVE-2023-44206 [CRITICAL] CWE-639 CVE-2023-44206: Sensitive information disclosure and manipulation due to improper authorization. The following produ Sensitive information disclosure and manipulation due to improper authorization. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.
nvd
CVE-2023-44154P3HIGHCVSS 8.1≥ unspecified, < 359792023-09-27
CVE-2023-44154 [HIGH] CWE-639 CVE-2023-44154: Sensitive information disclosure and manipulation due to improper authorization. The following produ Sensitive information disclosure and manipulation due to improper authorization. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.
nvd
CVE-2022-45451P3HIGHCVSS 7.8≥ unspecified, < 309842023-08-31
CVE-2022-45451 [HIGH] CWE-269 CVE-2022-45451: Local privilege escalation due to insecure driver communication port permissions. The following prod Local privilege escalation due to insecure driver communication port permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40173, Acronis Agent (Windows) before build 30600, Acronis Cyber Protect 15 (Windows) before build 30984.
nvd
CVE-2023-41743P3HIGHCVSS 7.8≥ unspecified, < 359792023-08-31
CVE-2023-41743 [HIGH] CWE-269 CVE-2023-41743: Local privilege escalation due to insecure driver communication port permissions. The following prod Local privilege escalation due to insecure driver communication port permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40278, Acronis Cyber Protect Cloud Agent (Windows) before build 31637, Acronis Cyber Protect 15 (Windows) before build 35979, Acronis True Image OEM (Windows) before build 42575
nvd
CVE-2022-45450P3HIGHCVSS 7.5≥ unspecified, < 309842023-05-18
CVE-2022-45450 [HIGH] CWE-285 CVE-2022-45450: Sensitive information disclosure and manipulation due to improper authorization. The following produ Sensitive information disclosure and manipulation due to improper authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 28610, Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 30984.
nvd
CVE-2022-45458P3HIGHCVSS 7.5≥ unspecified, < 309842023-05-18
CVE-2022-45458 [HIGH] CWE-295 CVE-2022-45458: Sensitive information disclosure and manipulation due to improper certification validation. The foll Sensitive information disclosure and manipulation due to improper certification validation. The following products are affected: Acronis Agent (Windows, macOS, Linux) before build 29633, Acronis Cyber Protect 15 (Windows, macOS, Linux) before build 30984.
nvd
CVE-2023-44156P3HIGHCVSS 7.5≥ unspecified, < 359792023-09-27
CVE-2023-44156 [HIGH] CWE-359 CVE-2023-44156: Sensitive information disclosure due to spell-jacking. The following products are affected: Acronis Sensitive information disclosure due to spell-jacking. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.
nvd
CVE-2023-44155P3HIGHCVSS 7.5≥ unspecified, < 359792023-09-27
CVE-2023-44155 [HIGH] CWE-532 CVE-2023-44155: Sensitive information leak through log files. The following products are affected: Acronis Cyber Pro Sensitive information leak through log files. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.
nvd
CVE-2023-41742P3HIGHCVSS 7.5≥ unspecified, < 359792023-08-31
CVE-2023-41742 [HIGH] CWE-1327 CVE-2023-41742: Excessive attack surface due to binding to an unrestricted IP address. The following products are af Excessive attack surface due to binding to an unrestricted IP address. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 30430, Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 35979.
nvd
CVE-2022-45457P3HIGHCVSS 7.5≥ unspecified, < 309842023-05-18
CVE-2022-45457 [HIGH] CWE-295 CVE-2022-45457: Sensitive information disclosure and manipulation due to improper certification validation. The foll Sensitive information disclosure and manipulation due to improper certification validation. The following products are affected: Acronis Agent (Windows) before build 29633, Acronis Cyber Protect 15 (Windows) before build 30984.
nvd
CVE-2022-45453P3HIGHCVSS 7.5≥ unspecified, < 309842023-05-18
CVE-2022-45453 [HIGH] CWE-310 CVE-2022-45453: TLS/SSL weak cipher suites enabled. The following products are affected: Acronis Cyber Protect 15 (W TLS/SSL weak cipher suites enabled. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 30984.
nvd
CVE-2023-44153P3HIGHCVSS 7.5≥ unspecified, < 359792023-09-27
CVE-2023-44153 [HIGH] CWE-316 CVE-2023-44153: Sensitive information disclosure due to cleartext storage of sensitive information in memory. The fo Sensitive information disclosure due to cleartext storage of sensitive information in memory. The following products are affected: Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 35979.
nvd
CVE-2023-44157P3HIGHCVSS 7.8≥ unspecified, < 359792023-09-27
CVE-2023-44157 [HIGH] CWE-276 CVE-2023-44157: Local privilege escalation due to insecure folder permissions. The following products are affected: Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 35979.
nvd
Acronis Cyber Protect 15 vulnerabilities | cvebase