Every CVE whose affected-product data names Acronis True Image, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (25)
CVE-2017-3219 — CVSS 8.8 (high): Acronis True Image up to and including version 2017 Build 8053 performs software updates using HTTP. Downloaded updates are only verified…
CVE-2021-32581 — CVSS 8.1 (high): Acronis True Image prior to 2021 Update 4 for Windows, Acronis True Image prior to 2021 Update 5 for Mac, Acronis Agent prior to build…
CVE-2020-10140 — CVSS 7.8 (high): Acronis True Image 2021 fails to properly set ACLs of the C:\ProgramData\Acronis directory. Because some privileged processes are executed…
CVE-2020-15495 — CVSS 7.8 (high): Acronis True Image 2019 update 1 through 2020 on macOS allows local privilege escalation due to an insecure XPC service configuration.
CVE-2020-15496 — CVSS 7.8 (high): Acronis True Image for Mac before 2021 Update 4 allowed local privilege escalation due to insecure folder permissions.
CVE-2022-24115 — CVSS 7.8 (high): Local privilege escalation due to unrestricted loading of unsigned libraries. The following products are affected: Acronis Cyber Protect…
CVE-2020-25736 — CVSS 7.8 (high): Acronis True Image 2019 update 1 through 2021 update 1 on macOS allows local privilege escalation due to an insecure XPC service…
CVE-2020-35145 — CVSS 7.8 (high): Acronis True Image for Windows prior to 2021 Update 3 allowed local privilege escalation due to a DLL hijacking vulnerability in multiple…
CVE-2021-32576 — CVSS 7.8 (high): Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to improper soft link handling (issue 1 of 2).
CVE-2021-32577 — CVSS 7.8 (high): Acronis True Image prior to 2021 Update 5 for Windows allowed local privilege escalation due to insecure folder permissions.
CVE-2021-32578 — CVSS 7.8 (high): Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to improper soft link handling (issue 2 of 2).
CVE-2021-32579 — CVSS 7.8 (high): Acronis True Image prior to 2021 Update 4 for Windows and Acronis True Image prior to 2021 Update 5 for macOS allowed an unauthenticated…
CVE-2021-32580 — CVSS 7.8 (high): Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to DLL hijacking.
CVE-2022-24113 — CVSS 7.8 (high): Local privilege escalation due to excessive permissions assigned to child processes. The following products are affected: Acronis Cyber…
CVE-2020-10139 — CVSS 7.8 (high): Acronis True Image 2021 includes an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory within C:\jenkins_agent\…
CVE-2021-44204 — CVSS 7.8 (high): Local privilege escalation via named pipe due to improper access control checks. The following products are affected: Acronis Cyber Protect…
CVE-2021-44206 — CVSS 7.3 (high): Local privilege escalation due to DLL hijacking vulnerability in Acronis Media Builder service. The following products are affected…
CVE-2021-44205 — CVSS 7.3 (high): Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Home Office…
CVE-2022-24114 — CVSS 7.0 (high): Local privilege escalation due to race condition on application startup. The following products are affected: Acronis Cyber Protect Home…
CVE-2026-33271 — CVSS 6.7 (medium): Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis True Image (Windows) before…
CVE-2020-25593 — CVSS 6.7 (medium): Acronis True Image through 2021 on macOS allows local privilege escalation from admin to root due to insecure folder permissions.
CVE-2026-27774 — CVSS 6.7 (medium): Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image (Windows) before…
CVE-2026-28728 — CVSS 6.7 (medium): Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image (Windows) before…
CVE-2008-1280 — CVSS 5.0 (medium): Acronis True Image Windows Agent 1.0.0.54 and earlier, included in Acronis True Image Enterprise Server 9.5.0.8072 and the other True Image…
CVE-2008-1279 — CVSS 5.0 (medium): Acronis True Image Group Server 1.5.19.191 and earlier, included in Acronis True Image Enterprise Server 9.5.0.8072 and the other True…