cbcvebase.

Acronis Cyber Protect 16 vulnerabilities

36 known vulnerabilities affecting acronis/acronis_cyber_protect_16.

Total CVEs
36
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL5HIGH12MEDIUM18LOW1

Vulnerabilities

Page 1 of 2
CVE-2025-30411P2CRITICALCVSS 10.0≥ unspecified, < 399382026-02-20
CVE-2025-30411 [CRITICAL] CWE-1390 CVE-2025-30411: Sensitive data disclosure and manipulation due to improper authentication. The following products ar Sensitive data disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39938, Acronis Cyber Protect 15 (Linux, Windows) before build 41800.
nvd
CVE-2025-30412P2CRITICALCVSS 10.0≥ unspecified, < 399382026-02-20
CVE-2025-30412 [CRITICAL] CWE-1390 CVE-2025-30412: Sensitive data disclosure and manipulation due to improper authentication. The following products ar Sensitive data disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39938, Acronis Cyber Protect 15 (Linux, Windows) before build 41800.
nvd
CVE-2025-30416P2CRITICALCVSS 10.0≥ unspecified, < 399382026-02-20
CVE-2025-30416 [CRITICAL] CWE-862 CVE-2025-30416: Sensitive data disclosure and manipulation due to missing authorization. The following products are Sensitive data disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39938, Acronis Cyber Protect 15 (Linux, Windows) before build 41800.
nvd
CVE-2025-30410P3CRITICALCVSS 9.8≥ unspecified, < 399382026-02-20
CVE-2025-30410 [CRITICAL] CWE-306 CVE-2025-30410: Sensitive data disclosure and manipulation due to missing authentication. The following products are Sensitive data disclosure and manipulation due to missing authentication. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 39870, Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 39938, Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 41800.
nvd
CVE-2024-49388P3CRITICALCVSS 9.1≥ unspecified, < 386902024-10-15
CVE-2024-49388 [CRITICAL] CWE-639 CVE-2024-49388: Sensitive information manipulation due to improper authorization. The following products are affecte Sensitive information manipulation due to improper authorization. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.
nvd
CVE-2024-49387P3HIGHCVSS 7.5≥ unspecified, < 386902024-10-15
CVE-2024-49387 [HIGH] CWE-319 CVE-2024-49387: Cleartext transmission of sensitive information in acep-collector service. The following products ar Cleartext transmission of sensitive information in acep-collector service. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.
nvd
CVE-2024-34010P3HIGHCVSS 8.2≥ unspecified, < 386902024-04-29
CVE-2024-34010 [HIGH] CWE-428 CVE-2024-34010: Local privilege escalation due to unquoted search path vulnerability. The following products are aff Local privilege escalation due to unquoted search path vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 37758, Acronis Cyber Protect 16 (Windows) before build 38690, Acronis True Image (Windows) before build 42386, Acronis True Image OEM (Windows) before build 42575.
nvd
CVE-2023-48677P3HIGHCVSS 7.8≥ unspecified, < 399382023-12-12
CVE-2023-48677 [HIGH] CWE-427 CVE-2023-48677: Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40901, Acronis Cyber Protect Cloud Agent (Windows) before build 39378, Acronis Cyber Protect 16 (Windows) before build 39938, Acronis True Image OEM (Windows) before build 42575.
nvd
CVE-2024-55543P3HIGHCVSS 7.8≥ unspecified, < 391692025-01-02
CVE-2024-55543 [HIGH] CWE-427 CVE-2024-55543: Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39169.
nvd
CVE-2024-55540P3HIGHCVSS 7.8≥ unspecified, < 391692025-01-02
CVE-2024-55540 [HIGH] CWE-427 CVE-2024-55540: Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39169.
nvd
CVE-2025-48961P3HIGHCVSS 7.3≥ unspecified, < 399382025-06-04
CVE-2025-48961 [HIGH] CWE-732 CVE-2025-48961: Local privilege escalation due to insecure folder permissions. The following products are affected: Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39938.
nvd
CVE-2023-45248P4HIGHCVSS 7.3≥ unspecified, < 373912023-10-09
CVE-2023-45248 [HIGH] CWE-427 CVE-2023-45248: Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 36497, Acronis Cyber Protect 16 (Windows) before build 37391.
nvd
CVE-2023-44211P4HIGHCVSS 7.1≥ unspecified, < 373912023-10-05
CVE-2023-44211 [HIGH] CWE-862 CVE-2023-44211: Sensitive information disclosure and manipulation due to missing authorization. The following produc Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 31637, Acronis Cyber Protect 16 (Linux, Windows) before build 37391.
nvd
CVE-2023-45247P4HIGHCVSS 7.1≥ unspecified, < 391692023-10-09
CVE-2023-45247 [HIGH] CWE-862 CVE-2023-45247: Sensitive information disclosure and manipulation due to missing authorization. The following produc Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 36497, Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 39169.
nvd
CVE-2023-45244P4HIGHCVSS 7.1≥ unspecified, < 373912023-10-06
CVE-2023-45244 [HIGH] CWE-862 CVE-2023-45244: Sensitive information disclosure and manipulation due to missing authorization. The following produc Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 35895, Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 37391.
nvd
CVE-2023-45246P4HIGHCVSS 7.1≥ unspecified, < 391692023-10-06
CVE-2023-45246 [HIGH] CWE-862 CVE-2023-45246: Sensitive information disclosure and manipulation due to missing authorization. The following produc Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 36343, Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 39169.
nvd
CVE-2023-48683P4HIGHCVSS 7.1≥ unspecified, < 391692024-04-29
CVE-2023-48683 [HIGH] CWE-862 CVE-2023-48683: Sensitive information disclosure and manipulation due to missing authorization. The following produc Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 37758, Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 39169.
nvd
CVE-2025-30408P4MEDIUMCVSS 6.7≥ unspecified, < 399382025-04-24
CVE-2025-30408 [MEDIUM] CWE-732 CVE-2025-30408: Local privilege escalation due to insecure folder permissions. The following products are affected: Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 39904, Acronis Cyber Protect 16 (Windows) before build 39938.
nvd
CVE-2024-8766P4MEDIUMCVSS 6.7≥ unspecified, < 391692024-09-16
CVE-2024-8766 [MEDIUM] CWE-427 CVE-2024-8766: Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 38235, Acronis Cyber Protect 16 (Windows) before build 39169.
nvd
CVE-2024-56413P4MEDIUMCVSS 6.1≥ unspecified, < 391692025-01-02
CVE-2024-56413 [MEDIUM] CWE-613 CVE-2024-56413: Missing session invalidation after user deletion. The following products are affected: Acronis Cyber Missing session invalidation after user deletion. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39169.
nvd
Acronis Cyber Protect 16 vulnerabilities | cvebase