CVE-2025-30411

CRITICAL

Acronis Cyber Protect - Info Disclosure

Title source: llm

Description

Sensitive data disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39938, Acronis Cyber Protect 15 (Linux, Windows) before build 41800.

References (1)

[Various Sources] https://security-advisory.acronis.com/advisories/SEC-8768

Scores

CVSS v3 10.0

EPSS 0.0005

EPSS Percentile 15.2%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

CWE

CWE-1390

Status published

Products (2)

acronis/cyber_protect 15 (7 CPE variants)

acronis/cyber_protect 16 (4 CPE variants)

Published Feb 20, 2026

Tracked Since Feb 20, 2026