Acronis True Image vulnerabilities
11 known vulnerabilities affecting acronis/acronis_true_image.
Total CVEs
11
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH6MEDIUM5
Vulnerabilities
Page 1 of 1
CVE-2025-7779P3HIGHCVSS 8.8≥ unspecified, < 423892025-09-30
CVE-2025-7779 [HIGH] CWE-269 CVE-2025-7779: Local privilege escalation due to insecure XPC service configuration. The following products are aff
Local privilege escalation due to insecure XPC service configuration. The following products are affected: Acronis True Image (macOS) before build 42389, Acronis True Image for SanDisk (macOS) before build 42198, Acronis True Image for Western Digital (macOS) before build 42197, Acronis True Image OEM (macOS) before build 42571.
nvd
CVE-2024-34013P3HIGHCVSS 7.8≥ unspecified, < 413962024-07-18
CVE-2024-34013 [HIGH] CWE-78 CVE-2024-34013: Local privilege escalation due to OS command injection vulnerability. The following products are aff
Local privilege escalation due to OS command injection vulnerability. The following products are affected: Acronis True Image (macOS) before build 41396, Acronis True Image OEM (macOS) before build 42571.
nvd
CVE-2026-33092P3HIGHCVSS 7.8≥ unspecified, < 429022026-04-10
CVE-2026-33092 [HIGH] CWE-15 CVE-2026-33092: Local privilege escalation due to improper handling of environment variables. The following products
Local privilege escalation due to improper handling of environment variables. The following products are affected: Acronis True Image OEM (macOS) before build 42571, Acronis True Image (macOS) before build 42902.
nvd
CVE-2026-28727P3HIGHCVSS 7.8≥ unspecified, < 429022026-03-06
CVE-2026-28727 [HIGH] CWE-276 CVE-2026-28727: Local privilege escalation due to insecure Unix socket permissions. The following products are affec
Local privilege escalation due to insecure Unix socket permissions. The following products are affected: Acronis Cyber Protect 17 (macOS) before build 41186, Acronis Cyber Protect Cloud Agent (macOS) before build 41124, Acronis True Image (macOS) before build 42902.
nvd
CVE-2024-34010P3HIGHCVSS 8.2≥ unspecified, < 423862024-04-29
CVE-2024-34010 [HIGH] CWE-428 CVE-2024-34010: Local privilege escalation due to unquoted search path vulnerability. The following products are aff
Local privilege escalation due to unquoted search path vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 37758, Acronis Cyber Protect 16 (Windows) before build 38690, Acronis True Image (Windows) before build 42386, Acronis True Image OEM (Windows) before build 42575.
nvd
CVE-2025-11178P3HIGHCVSS 7.3≥ unspecified, < 423862025-09-30
CVE-2025-11178 [HIGH] CWE-427 CVE-2025-11178: Local privilege escalation due to DLL hijacking vulnerability. The following products are affected:
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image (Windows) before build 42386, Acronis True Image for Western Digital (Windows) before build 42636, Acronis True Image for SanDisk (Windows) before build 42679, Acronis True Image OEM (Windows) before build 42575.
nvd
CVE-2026-27774P4MEDIUMCVSS 6.7≥ unspecified, < 429022026-04-02
CVE-2026-27774 [MEDIUM] CWE-427 CVE-2026-27774: Local privilege escalation due to DLL hijacking vulnerability. The following products are affected:
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image (Windows) before build 42902.
nvd
CVE-2026-28728P4MEDIUMCVSS 6.7≥ unspecified, < 429022026-04-02
CVE-2026-28728 [MEDIUM] CWE-427 CVE-2026-28728: Local privilege escalation due to DLL hijacking vulnerability. The following products are affected:
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image (Windows) before build 42902.
nvd
CVE-2026-33271P4MEDIUMCVSS 6.7≥ unspecified, < 429022026-04-02
CVE-2026-33271 [MEDIUM] CWE-732 CVE-2026-33271: Local privilege escalation due to insecure folder permissions. The following products are affected:
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis True Image (Windows) before build 42902.
nvd
CVE-2024-49385P4MEDIUMCVSS 5.5≥ unspecified, < 417362025-01-02
CVE-2024-49385 [MEDIUM] CWE-732 CVE-2024-49385: Sensitive information disclosure due to insecure folder permissions. The following products are affe
Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis True Image (Windows) before build 41736, Acronis True Image OEM (Windows) before build 42575.
nvd
CVE-2024-55538P4MEDIUMCVSS 4.0≥ unspecified, < 41725≥ unspecified, < 417362025-01-02
CVE-2024-55538 [MEDIUM] CWE-306 CVE-2024-55538: Sensitive information disclosure due to missing authentication. The following products are affected:
Sensitive information disclosure due to missing authentication. The following products are affected: Acronis True Image (macOS) before build 41725, Acronis True Image (Windows) before build 41736, Acronis True Image OEM (macOS) before build 42571, Acronis True Image OEM (Windows) before build 42575.
nvd