Primary

Context

Acronis Cyber Protect Cloud Agent Unquoted Search Path Vulnerability Leading to Local Privilege Escalation

Vulnerability

Patched

A local privilege escalation vulnerability has been identified in Acronis Cyber Protect Cloud Agent for Windows, prior to build 39378. This issue arises from an unquoted search path vulnerability, which can be exploited to gain elevated privileges on the system.

Impact

Exploitation of this vulnerability allows for local privilege escalation, enabling a user to gain higher-level permissions on the affected system.

Remediation

Users can update to Acronis Cyber Protect Cloud Agent version C25.01 or later to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

4.2

impact

7.5

exploitability

3.3

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.2

impact

7.5

exploitability

3.3

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Acronis Cyber Protect Cloud Agent Unquoted Search Path Vulnerability Leading to Local Privilege Escalation

Vulnerability

Impact

Remediation

Affected Products

Acronis Cyber Protect Cloud Agent

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating