Vulnerabilities in Acronis
192 resultsCVE-2020-10140HIGHAcronis True Image 2021 fails to properly set ACLs of the C:\ProgramData\Acronis directory. Because some privileged processes are executed fEPSS 0.4%CVE-2023-41747MEDIUMSensitive information disclosure due to unauthenticated path traversal. The following products are affected: Acronis Cloud Manager (Windows)EPSS 0.4%CVE-2022-45458MEDIUMSensitive information disclosure and manipulation due to improper certification validation. The following products are affected: Acronis AgeEPSS 0.4%CVE-2022-45457MEDIUMSensitive information disclosure and manipulation due to improper certification validation. The following products are affected: Acronis AgeEPSS 0.4%CVE-2022-45456LOWDenial of service due to unauthenticated API endpoint. The following products are affected: Acronis Agent (Windows, macOS, Linux) before buiEPSS 0.3%CVE-2026-28718MEDIUMDenial of service due to insufficient input validation in authentication logging. The following products are affected: Acronis Cyber ProtectEPSS 0.3%CVE-2023-48682MEDIUMStored cross-site scripting (XSS) vulnerability in unit name. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows)EPSS 0.3%CVE-2023-44208HIGHSensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect HEPSS 0.3%CVE-2025-30415HIGHDenial of service due to improper handling of malformed input. The following products are affected: Acronis Cyber Protect Cloud Agent (LinuxEPSS 0.3%CVE-2023-5042MEDIUMSensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Home Office EPSS 0.3%CVE-2022-45459LOWSensitive information disclosure due to insecure registry permissions. The following products are affected: Acronis Agent (Windows) before bEPSS 0.3%CVE-2023-48681LOWSelf cross-site scripting (XSS) vulnerability in storage nodes search field. The following products are affected: Acronis Cyber Protect 16 (EPSS 0.3%CVE-2022-45453MEDIUMTLS/SSL weak cipher suites enabled. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 30984.EPSS 0.3%CVE-2023-44153LOWSensitive information disclosure due to cleartext storage of sensitive information in memory. The following products are affected: Acronis CEPSS 0.3%CVE-2026-28715MEDIUMSensitive information disclosure due to improper authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux,EPSS 0.3%CVE-2024-55541LOWStored cross-site scripting (XSS) vulnerability due to missing origin validation in postMessage. The following products are affected: AcroniEPSS 0.3%CVE-2023-48679LOWStored cross-site scripting (XSS) vulnerability due to missing origin validation in postMessage. The following products are affected: AcroniEPSS 0.3%CVE-2024-49388LOWSensitive information manipulation due to improper authorization. The following products are affected: Acronis Cyber Protect 16 (Linux, WindEPSS 0.3%CVE-2023-41743HIGHLocal privilege escalation due to insecure driver communication port permissions. The following products are affected: Acronis Cyber ProtectEPSS 0.3%CVE-2022-45454LOWSensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Agent (Windows) before buiEPSS 0.3%