Primary

Context

Acronis Products Local Privilege Escalation Vulnerability

Vulnerability

Patched

A local privilege escalation vulnerability has been identified in Acronis DeviceLock DLP (Windows) versions prior to build 9.0.93212 and Acronis Cyber Protect Cloud Agent (Windows) versions prior to build 42183. This vulnerability arises from improper input validation, which could be exploited to gain elevated privileges on the affected system.

Impact

Exploitation of this vulnerability allows for local privilege escalation, enabling a user to gain elevated rights on the system.

Remediation

Users can update to Acronis DeviceLock DLP 9.0 Update 6 or Acronis Cyber Protect Cloud Agent update C26.03 to address this vulnerability.

Added: Apr 29, 2026, 3:21 PM

Updated: Apr 29, 2026, 3:21 PM

Vulnerability Rating

Custom Algorithm

spread

4.2

impact

10.0

exploitability

3.3

remediation

7.7

relevance

7.0

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.2

impact

10.0

exploitability

3.3

remediation

7.7

relevance

7.0

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Acronis Products Local Privilege Escalation Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Acronis Cyber Protect Cloud Agent

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating