Every CVE whose affected-product data names Acronis Agent, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (45)
CVE-2026-28727 — CVSS 7.8 (high): Local privilege escalation due to insecure Unix socket permissions. The following products are affected: Acronis Cyber Protect 17 (macOS)…
CVE-2021-44204 — CVSS 7.8 (high): Local privilege escalation via named pipe due to improper access control checks. The following products are affected: Acronis Cyber Protect…
CVE-2022-45451 — CVSS 7.8 (high): Local privilege escalation due to insecure driver communication port permissions. The following products are affected: Acronis Cyber…
CVE-2022-45452 — CVSS 7.8 (high): Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Agent (Windows) before build…
CVE-2022-24113 — CVSS 7.8 (high): Local privilege escalation due to excessive permissions assigned to child processes. The following products are affected: Acronis Cyber…
CVE-2023-41743 — CVSS 7.8 (high): Local privilege escalation due to insecure driver communication port permissions. The following products are affected: Acronis Cyber…
CVE-2023-41744 — CVSS 7.8 (high): Local privilege escalation due to unrestricted loading of unsigned libraries. The following products are affected: Acronis Agent (macOS)…
CVE-2023-44209 — CVSS 7.8 (high): Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect Cloud Agent…
CVE-2022-45455 — CVSS 7.8 (high): Local privilege escalation due to incomplete uninstallation cleanup. The following products are affected: Acronis Cyber Protect Home Office…
CVE-2023-41742 — CVSS 7.5 (high): Excessive attack surface due to binding to an unrestricted IP address. The following products are affected: Acronis Agent (Linux, macOS…
CVE-2023-41749 — CVSS 7.5 (high): Sensitive information disclosure due to excessive collection of system information. The following products are affected: Acronis Agent…
CVE-2022-30990 — CVSS 7.5 (high): Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Cyber Protect 15 (Linux)…
CVE-2021-34800 — CVSS 7.5 (high): Sensitive information could be logged. The following products are affected: Acronis Agent (Windows, Linux, macOS) before build 27147
CVE-2020-14999 — CVSS 7.5 (high): A logic bug in system monitoring driver of Acronis Agent after 12.5.21540 and before 12.5.23094 allowed to bypass Windows memory protection…
CVE-2022-45450 — CVSS 7.5 (high): Sensitive information disclosure and manipulation due to improper authorization. The following products are affected: Acronis Agent (Linux…
CVE-2022-45454 — CVSS 7.5 (high): Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Agent (Windows) before…
CVE-2022-45456 — CVSS 7.5 (high): Denial of service due to unauthenticated API endpoint. The following products are affected: Acronis Agent (Windows, macOS, Linux) before…
CVE-2022-45457 — CVSS 7.5 (high): Sensitive information disclosure and manipulation due to improper certification validation. The following products are affected: Acronis…
CVE-2022-45458 — CVSS 7.5 (high): Sensitive information disclosure and manipulation due to improper certification validation. The following products are affected: Acronis…
CVE-2022-45459 — CVSS 7.5 (high): Sensitive information disclosure due to insecure registry permissions. The following products are affected: Acronis Agent (Windows) before…
CVE-2023-45248 — CVSS 7.3 (high): Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent…
CVE-2025-11792 — CVSS 7.3 (high): Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent…
CVE-2023-45246 — CVSS 7.1 (high): Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect…
CVE-2023-45247 — CVSS 7.1 (high): Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect…
CVE-2023-45244 — CVSS 7.1 (high): Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect…
CVE-2023-48676 — CVSS 7.1 (high): Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect…
CVE-2026-28713 — CVSS 7.1 (high): Default credentials set for local privileged user in Virtual Appliance. The following products are affected: Acronis Cyber Protect Cloud…
CVE-2025-11791 — CVSS 7.1 (high): Sensitive information disclosure and manipulation due to insufficient authorization checks. The following products are affected: Acronis…
CVE-2023-44212 — CVSS 7.1 (high): Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Agent (Linux…
CVE-2023-44211 — CVSS 7.1 (high): Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect…
CVE-2023-45245 — CVSS 5.5 (medium): Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows)…
CVE-2023-4688 — CVSS 5.5 (medium): Sensitive information leak through log files. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 35433.
CVE-2021-44199 — CVSS 5.5 (medium): DLL hijacking could lead to denial of service. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035…
CVE-2023-41751 — CVSS 5.5 (medium): Sensitive information disclosure due to improper token expiration validation. The following products are affected: Acronis Agent (Windows)…
CVE-2023-41745 — CVSS 5.5 (medium): Sensitive information disclosure due to excessive collection of system information. The following products are affected: Acronis Agent…
CVE-2023-44210 — CVSS 5.5 (medium): Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect…
CVE-2023-44213 — CVSS 5.5 (medium): Sensitive information disclosure due to excessive collection of system information. The following products are affected: Acronis Cyber…
CVE-2023-44214 — CVSS 5.5 (medium): Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows)…
CVE-2023-45240 — CVSS 5.5 (medium): Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows)…
CVE-2023-45241 — CVSS 5.5 (medium): Sensitive information leak through log files. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS…
CVE-2023-45242 — CVSS 5.5 (medium): Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent…
CVE-2023-45243 — CVSS 5.5 (medium): Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent…
CVE-2023-41750 — CVSS 5.5 (medium): Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows)…
CVE-2025-11790 — CVSS 4.4 (medium): Credentials are not deleted from Acronis Agent after plan revocation. The following products are affected: Acronis Cyber Protect Cloud…
CVE-2025-30413 — CVSS 4.4 (medium): Credentials are not deleted from Acronis Agent after plan revocation. The following products are affected: Acronis Cyber Protect Cloud…