Description
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39938.
Scores
CVSS v3
7.3
EPSS
0.0004
EPSS Percentile
13.1%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-732
Status
published
Products (1)
Acronis/Acronis Cyber Protect 16
unspecified - 39938
Published
Jun 04, 2025
Tracked Since
Feb 18, 2026