Primary

Context

Acronis Products Missing Authentication Vulnerability Leading to Sensitive Data Disclosure and Manipulation

Vulnerability

A vulnerability allowing sensitive data disclosure and manipulation has been identified in multiple Acronis products, including Acronis Cyber Protect Cloud Agent (for Linux, macOS, and Windows) prior to build 39870, Acronis Cyber Protect 16 (for Linux, macOS, and Windows) prior to build 39938, and Acronis Cyber Protect 15 (for Linux, macOS, and Windows) prior to build 41800. This vulnerability arises from missing authentication, which could be exploited to access and manipulate sensitive information.

Impact

Exploitation of this vulnerability could lead to unauthorized access and manipulation of sensitive data.

Remediation

Users can update to Acronis Cyber Protect Cloud Agent update C25.03 hotfix 2, Acronis Cyber Protect 16 Update 4, or Acronis Cyber Protect 15 Update 7 to address this vulnerability.

Added: Feb 20, 2026, 1:25 AM

Updated: Feb 20, 2026, 1:25 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

7.0

remediation

0.0

relevance

3.2

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

7.0

remediation

0.0

relevance

3.2

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Acronis Products Missing Authentication Vulnerability Leading to Sensitive Data Disclosure and Manipulation

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating