CVE-2025-30410

CRITICAL

Acronis Cyber Protect - Info Disclosure

Title source: llm

Description

Sensitive data disclosure and manipulation due to missing authentication. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 39870, Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 39938, Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 41800.

References (1)

[Various Sources] https://security-advisory.acronis.com/advisories/SEC-8641

Scores

CVSS v3 9.8

EPSS 0.0002

EPSS Percentile 5.8%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-306

Status draft

Timeline

Published Feb 20, 2026

Tracked Since Feb 20, 2026