Vulnerabilities (CVE)

Filtered by vendor Acronis Subscribe
Total 134 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-41746 2 Acronis, Microsoft 2 Cloud Manager, Windows 2024-11-21 N/A 9.8 CRITICAL
Remote command execution due to improper input validation. The following products are affected: Acronis Cloud Manager (Windows) before build 6.2.23089.203.
CVE-2023-41745 4 Acronis, Apple, Linux and 1 more 5 Agent, Cyber Protect, Macos and 2 more 2024-11-21 N/A 5.5 MEDIUM
Sensitive information disclosure due to excessive collection of system information. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 30991, Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 35979.
CVE-2023-41744 2 Acronis, Apple 3 Agent, Cyber Protect, Macos 2024-11-21 N/A 7.8 HIGH
Local privilege escalation due to unrestricted loading of unsigned libraries. The following products are affected: Acronis Agent (macOS) before build 30600, Acronis Cyber Protect 15 (macOS) before build 35979.
CVE-2023-41743 2 Acronis, Microsoft 4 Agent, Cyber Protect, Cyber Protect Home Office and 1 more 2024-11-21 N/A 7.8 HIGH
Local privilege escalation due to insecure driver communication port permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40278, Acronis Agent (Windows) before build 31637, Acronis Cyber Protect 15 (Windows) before build 35979.
CVE-2023-41742 4 Acronis, Apple, Linux and 1 more 5 Agent, Cyber Protect, Macos and 2 more 2024-11-21 N/A 7.5 HIGH
Excessive attack surface due to binding to an unrestricted IP address. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 30430, Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 35979.
CVE-2023-2782 1 Acronis 1 Cyber Infrastructure 2024-11-21 N/A 5.5 MEDIUM
Sensitive information disclosure due to improper authorization. The following products are affected: Acronis Cyber Infrastructure (ACI) before build 5.3.1-38.
CVE-2023-2360 1 Acronis 1 Cyber Infrastructure 2024-11-21 N/A 7.5 HIGH
Sensitive information disclosure due to CORS misconfiguration. The following products are affected: Acronis Cyber Infrastructure (ACI) before build 5.2.0-135.
CVE-2023-2355 1 Acronis 1 Snap Deploy 2024-11-21 N/A 7.8 HIGH
Local privilege escalation due to a DLL hijacking vulnerability. The following products are affected: Acronis Snap Deploy (Windows) before build 3900.
CVE-2022-4418 2 Acronis, Microsoft 2 Cyber Protect Home Office, Windows 2024-11-21 N/A 7.8 HIGH
Local privilege escalation due to unrestricted loading of unsigned libraries. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40208.
CVE-2022-46869 2 Acronis, Microsoft 2 Cyber Protect Home Office, Windows 2024-11-21 N/A 7.8 HIGH
Local privilege escalation during installation due to improper soft link handling. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40278.
CVE-2022-46868 2 Acronis, Microsoft 2 Cyber Protect Home Office, Windows 2024-11-21 N/A 7.8 HIGH
Local privilege escalation during recovery due to improper soft link handling. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40173.
CVE-2022-45459 2 Acronis, Microsoft 3 Agent, Cyber Protect, Windows 2024-11-21 N/A 7.5 HIGH
Sensitive information disclosure due to insecure registry permissions. The following products are affected: Acronis Agent (Windows) before build 30025, Acronis Cyber Protect 15 (Windows) before build 30984.
CVE-2022-45458 4 Acronis, Apple, Linux and 1 more 5 Agent, Cyber Protect, Macos and 2 more 2024-11-21 N/A 7.5 HIGH
Sensitive information disclosure and manipulation due to improper certification validation. The following products are affected: Acronis Agent (Windows, macOS, Linux) before build 29633, Acronis Cyber Protect 15 (Windows, macOS, Linux) before build 30984.
CVE-2022-45457 2 Acronis, Microsoft 3 Agent, Cyber Protect, Windows 2024-11-21 N/A 7.5 HIGH
Sensitive information disclosure and manipulation due to improper certification validation. The following products are affected: Acronis Agent (Windows) before build 29633, Acronis Cyber Protect 15 (Windows) before build 30984.
CVE-2022-45456 4 Acronis, Apple, Linux and 1 more 4 Agent, Macos, Linux Kernel and 1 more 2024-11-21 N/A 7.5 HIGH
Denial of service due to unauthenticated API endpoint. The following products are affected: Acronis Agent (Windows, macOS, Linux) before build 30161.
CVE-2022-45455 2 Acronis, Microsoft 4 Agent, Cyber Protect, Cyber Protect Home Office and 1 more 2024-11-21 N/A 7.8 HIGH
Local privilege escalation due to incomplete uninstallation cleanup. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40107, Acronis Agent (Windows) before build 30025, Acronis Cyber Protect 15 (Windows) before build 30984.
CVE-2022-45454 2 Acronis, Microsoft 3 Agent, Cyber Protect, Windows 2024-11-21 N/A 7.5 HIGH
Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Agent (Windows) before build 30161, Acronis Cyber Protect 15 (Windows) before build 30984.
CVE-2022-45453 3 Acronis, Linux, Microsoft 3 Cyber Protect, Linux Kernel, Windows 2024-11-21 N/A 7.5 HIGH
TLS/SSL weak cipher suites enabled. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 30984.
CVE-2022-45452 2 Acronis, Microsoft 3 Agent, Cyber Protect, Windows 2024-11-21 N/A 7.8 HIGH
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Agent (Windows) before build 30430, Acronis Cyber Protect 15 (Windows) before build 30984.
CVE-2022-45451 1 Acronis 3 Agent, Cyber Protect, Cyber Protect Home Office 2024-11-21 N/A 7.8 HIGH
Local privilege escalation due to insecure driver communication port permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40173, Acronis Agent (Windows) before build 30600, Acronis Cyber Protect 15 (Windows) before build 30984.