cbcvebase.

Acronis Cyber Protect 17 vulnerabilities

28 known vulnerabilities affecting acronis/acronis_cyber_protect_17.

Total CVEs
28
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH9MEDIUM18

Vulnerabilities

Page 1 of 2
CVE-2026-28710P3CRITICALCVSS 9.8≥ unspecified, < 411862026-03-06
CVE-2026-28710 [CRITICAL] CWE-1390 CVE-2026-28710: Sensitive information disclosure and manipulation due to improper authentication. The following prod Sensitive information disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
nvd
CVE-2026-28718P3HIGHCVSS 7.5≥ unspecified, < 411862026-03-06
CVE-2026-28718 [HIGH] CWE-779 CVE-2026-28718: Denial of service due to insufficient input validation in authentication logging. The following prod Denial of service due to insufficient input validation in authentication logging. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
nvd
CVE-2026-28727P3HIGHCVSS 7.8≥ unspecified, < 411862026-03-06
CVE-2026-28727 [HIGH] CWE-276 CVE-2026-28727: Local privilege escalation due to insecure Unix socket permissions. The following products are affec Local privilege escalation due to insecure Unix socket permissions. The following products are affected: Acronis Cyber Protect 17 (macOS) before build 41186, Acronis Cyber Protect Cloud Agent (macOS) before build 41124, Acronis True Image (macOS) before build 42902.
nvd
CVE-2023-44209P3HIGHCVSS 7.8≥ unspecified, < 411862023-10-04
CVE-2023-44209 [HIGH] CWE-610 CVE-2023-44209: Local privilege escalation due to improper soft link handling. The following products are affected: Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 29051, Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186.
nvd
CVE-2026-28721P3HIGHCVSS 7.3≥ unspecified, < 411862026-03-06
CVE-2026-28721 [HIGH] CWE-610 CVE-2026-28721: Local privilege escalation due to improper soft link handling. The following products are affected: Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186.
nvd
CVE-2026-28722P3HIGHCVSS 7.3≥ unspecified, < 411862026-03-06
CVE-2026-28722 [HIGH] CWE-610 CVE-2026-28722: Local privilege escalation due to improper soft link handling. The following products are affected: Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186.
nvd
CVE-2025-30415P3HIGHCVSS 7.5≥ unspecified, < 411862025-06-04
CVE-2025-30415 [HIGH] CWE-1286 CVE-2025-30415: Denial of service due to improper handling of malformed input. The following products are affected: Denial of service due to improper handling of malformed input. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 40077, Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186.
nvd
CVE-2026-28715P3MEDIUMCVSS 6.5≥ unspecified, < 411862026-03-06
CVE-2026-28715 [MEDIUM] CWE-863 CVE-2026-28715: Sensitive information disclosure due to improper authorization checks. The following products are af Sensitive information disclosure due to improper authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
nvd
CVE-2026-28713P4HIGHCVSS 7.1≥ unspecified, < 411862026-03-06
CVE-2026-28713 [HIGH] CWE-1392 CVE-2026-28713: Default credentials set for local privileged user in Virtual Appliance. The following products are a Default credentials set for local privileged user in Virtual Appliance. The following products are affected: Acronis Cyber Protect Cloud Agent (VMware) before build 36943, Acronis Cyber Protect 17 (VMware) before build 41186.
nvd
CVE-2023-48684P4HIGHCVSS 7.1≥ unspecified, < 411862024-04-29
CVE-2023-48684 [HIGH] CWE-862 CVE-2023-48684: Sensitive information disclosure and manipulation due to missing authorization. The following produc Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 37758, Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186.
nvd
CVE-2025-11791P4HIGHCVSS 7.1≥ unspecified, < 411862026-03-06
CVE-2025-11791 [HIGH] CWE-862 CVE-2025-11791: Sensitive information disclosure and manipulation due to insufficient authorization checks. The foll Sensitive information disclosure and manipulation due to insufficient authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186, Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 41124.
nvd
CVE-2026-28712P4MEDIUMCVSS 6.3≥ unspecified, < 411862026-03-06
CVE-2026-28712 [MEDIUM] CWE-427 CVE-2026-28712: Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186.
nvd
CVE-2026-28711P4MEDIUMCVSS 6.3≥ unspecified, < 411862026-03-06
CVE-2026-28711 [MEDIUM] CWE-427 CVE-2026-28711: Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186.
nvd
CVE-2023-44210P4MEDIUMCVSS 5.5≥ unspecified, < 411862023-10-04
CVE-2023-44210 [MEDIUM] CWE-862 CVE-2023-44210: Sensitive information disclosure and manipulation due to missing authorization. The following produc Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 29258, Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186.
nvd
CVE-2023-45243P4MEDIUMCVSS 5.5≥ unspecified, < 411862023-10-05
CVE-2023-45243 [MEDIUM] CWE-862 CVE-2023-45243: Sensitive information disclosure due to missing authorization. The following products are affected: Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 35739, Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186.
nvd
CVE-2023-45242P4MEDIUMCVSS 5.5≥ unspecified, < 411862023-10-05
CVE-2023-45242 [MEDIUM] CWE-862 CVE-2023-45242: Sensitive information disclosure due to missing authorization. The following products are affected: Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 35739, Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186.
nvd
CVE-2026-28717P4MEDIUMCVSS 5.0≥ unspecified, < 411862026-03-06
CVE-2026-28717 [MEDIUM] CWE-276 CVE-2026-28717: Local privilege escalation due to improper directory permissions. The following products are affecte Local privilege escalation due to improper directory permissions. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186.
nvd
CVE-2026-28724P4MEDIUMCVSS 4.3≥ unspecified, < 411862026-03-06
CVE-2026-28724 [MEDIUM] CWE-863 CVE-2026-28724: Unauthorized data access due to insufficient access control validation. The following products are a Unauthorized data access due to insufficient access control validation. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
nvd
CVE-2026-28725P4MEDIUMCVSS 5.5≥ unspecified, < 411862026-03-06
CVE-2026-28725 [MEDIUM] CWE-732 CVE-2026-28725: Sensitive information disclosure due to improper configuration of a headless browser. The following Sensitive information disclosure due to improper configuration of a headless browser. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
nvd
CVE-2026-28720P4MEDIUMCVSS 4.3≥ unspecified, < 411862026-03-06
CVE-2026-28720 [MEDIUM] CWE-863 CVE-2026-28720: Unauthorized modification of settings due to insufficient authorization checks. The following produc Unauthorized modification of settings due to insufficient authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
nvd
Acronis Cyber Protect 17 vulnerabilities | cvebase