Acronis Cyber Protect 16
Approved changes feed: RSS · Atom
cpe:2.3:a:acronis:acronis_cyber_protect_16:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Acronis (d64000ef-8c61-5ba5-86d7-61c680cdcd75) |
|---|---|
| Product | Acronis Cyber Protect 16 (ed4026e0-ad14-54c8-ade1-93c48066649f) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-48962 |
vulnerable | 2026-06-03 15:01:43.816678 |
Details available
MEDIUM (4.3)
Sensitive information disclosure due to SSRF. The following products are affected: Acronis Cyber Protect 16 (Windows, Linux) before build 39938.
Published: 2025-06-04T13:27:43.266Z
Updated: 2025-06-04T13:41:16.377Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-48961 |
vulnerable | 2026-06-03 15:01:43.816424 |
Details available
HIGH (7.3)
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39938.
Published: 2025-06-04T13:26:51.567Z
Updated: 2025-06-04T13:42:03.744Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-48960 |
vulnerable | 2026-06-03 15:01:43.816047 |
Details available
MEDIUM (5.9)
Weak server key used for TLS encryption. The following products are affected: Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 39938.
Published: 2025-06-04T13:26:27.062Z
Updated: 2025-06-04T13:42:31.537Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-30416 |
vulnerable | 2026-06-03 15:00:28.266908 |
Details available
CRITICAL (10)
Sensitive data disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39938, Acronis Cyber Protect 15 (Linux, Windows) before build 41800.
Published: 2026-02-20T00:31:27.426Z
Updated: 2026-02-26T14:44:13.675Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-30412 |
vulnerable | 2026-06-03 15:00:28.260544 |
Details available
CRITICAL (10)
Sensitive data disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39938, Acronis Cyber Protect 15 (Linux, Windows) before build 41800.
Published: 2026-02-20T00:30:33.503Z
Updated: 2026-02-26T14:44:13.951Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-30411 |
vulnerable | 2026-06-03 15:00:28.247962 |
Details available
CRITICAL (10)
Sensitive data disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39938, Acronis Cyber Protect 15 (Linux, Windows) before build 41800.
Published: 2026-02-20T00:30:14.748Z
Updated: 2026-02-26T14:44:14.096Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-30410 |
vulnerable | 2026-06-03 15:00:28.245978 |
Details available
CRITICAL (9.8)
Sensitive data disclosure and manipulation due to missing authentication. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 39870, Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 39938, Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 41800.
Published: 2026-02-20T00:31:05.697Z
Updated: 2026-02-26T14:44:13.809Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-30408 |
vulnerable | 2026-06-03 15:00:28.244044 |
Details available
MEDIUM (6.7)
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 39904, Acronis Cyber Protect 16 (Windows) before build 39938.
Published: 2025-04-24T13:04:26.690Z
Updated: 2026-02-26T18:28:05.661Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-8766 |
vulnerable | 2026-06-03 14:58:19.479861 |
Details available
MEDIUM (6.7)
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 38235, Acronis Cyber Protect 16 (Windows) before build 39169.
Published: 2024-09-16T19:45:03.044Z
Updated: 2025-01-02T15:25:36.040Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-56414 |
vulnerable | 2026-06-03 14:57:42.997320 |
Details available
MEDIUM (5.5)
Web installer integrity check used weak hash algorithm. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39169.
Published: 2025-01-02T15:26:10.784Z
Updated: 2025-01-02T17:08:22.194Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-56413 |
vulnerable | 2026-06-03 14:57:42.997068 |
Details available
MEDIUM (6.1)
Missing session invalidation after user deletion. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39169.
Published: 2025-01-02T15:26:00.507Z
Updated: 2025-01-02T17:09:09.822Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-55543 |
vulnerable | 2026-06-03 14:57:42.038821 |
Details available
HIGH (7.3)
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39169.
Published: 2025-01-02T15:24:26.589Z
Updated: 2025-01-02T17:10:10.488Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-55542 |
vulnerable | 2026-06-03 14:57:42.038505 |
Details available
MEDIUM (4.4)
Local privilege escalation due to excessive permissions assigned to Tray Monitor service. The following products are affected: Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 39169, Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 35895.
Published: 2025-01-02T15:26:40.928Z
Updated: 2026-02-26T19:09:34.461Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-55541 |
vulnerable | 2026-06-03 14:57:42.037963 |
Details available
LOW (3.1)
Stored cross-site scripting (XSS) vulnerability due to missing origin validation in postMessage. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39169.
Published: 2025-01-02T15:26:55.281Z
Updated: 2025-01-02T16:52:29.222Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-55540 |
vulnerable | 2026-06-03 14:57:42.034399 |
Details available
MEDIUM (6.6)
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39169.
Published: 2025-01-02T15:25:48.887Z
Updated: 2025-01-02T17:09:38.773Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-55539 |
vulnerable | 2026-06-03 14:57:42.034007 |
Details available
LOW (2.5)
Weak algorithm used to sign RPM package. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux) before build 39185, Acronis Cyber Protect 16 (Linux) before build 39938.
Published: 2024-12-23T14:05:20.298Z
Updated: 2025-06-04T13:55:45.518Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-49388 |
vulnerable | 2026-06-03 14:57:12.421793 |
Details available
LOW (3.1)
Sensitive information manipulation due to improper authorization. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.
Published: 2024-10-15T10:34:24.960Z
Updated: 2024-10-15T12:47:51.115Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-49387 |
vulnerable | 2026-06-03 14:57:12.421341 |
Details available
MEDIUM (5.4)
Cleartext transmission of sensitive information in acep-collector service. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.
Published: 2024-10-15T10:34:10.675Z
Updated: 2024-10-15T12:47:32.586Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-49384 |
vulnerable | 2026-06-03 14:57:12.413028 |
Details available
LOW (3.5)
Excessive attack surface in acep-collector service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.
Published: 2024-10-15T10:33:52.655Z
Updated: 2024-10-15T12:47:14.120Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-49383 |
vulnerable | 2026-06-03 14:57:12.412457 |
Details available
LOW (3.5)
Excessive attack surface in acep-importer service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.
Published: 2024-10-15T10:33:14.227Z
Updated: 2024-10-15T12:46:55.089Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-49382 |
vulnerable | 2026-06-03 14:57:12.409606 |
Details available
LOW (3.5)
Excessive attack surface in archive-server service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.
Published: 2024-10-15T10:32:55.845Z
Updated: 2024-10-15T12:46:35.938Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-34010 |
vulnerable | 2026-06-03 14:55:53.331924 |
Details available
HIGH (8.2)
Local privilege escalation due to unquoted search path vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 37758, Acronis Cyber Protect 16 (Windows) before build 38690, Acronis True Image (Windows) before build 42386, Acronis True Image OEM (Windows) before build 42575.
Published: 2024-04-29T15:48:14.398Z
Updated: 2026-04-10T13:16:47.709Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-48683 |
vulnerable | 2026-06-03 14:53:19.634080 |
Details available
HIGH (7.1)
Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 37758, Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 39169.
Published: 2024-04-29T15:47:51.993Z
Updated: 2025-01-02T15:24:40.944Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-48682 |
vulnerable | 2026-06-03 14:53:19.630725 |
Details available
MEDIUM (6.1)
Stored cross-site scripting (XSS) vulnerability in unit name. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 37391.
Published: 2024-02-27T16:53:05.091Z
Updated: 2024-08-02T21:37:54.485Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-48681 |
vulnerable | 2026-06-03 14:53:19.630375 |
Details available
LOW (1.9)
Self cross-site scripting (XSS) vulnerability in storage nodes search field. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 37391.
Published: 2024-02-27T16:52:25.743Z
Updated: 2024-08-02T21:37:54.618Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-48680 |
vulnerable | 2026-06-03 14:53:19.630001 |
Details available
LOW (3.3)
Sensitive information disclosure due to excessive collection of system information. The following products are affected: Acronis Cyber Protect 16 (macOS, Windows) before build 37391.
Published: 2024-02-27T16:51:19.284Z
Updated: 2024-09-10T15:47:42.813Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-48679 |
vulnerable | 2026-06-03 14:53:19.629623 |
Details available
LOW (3.1)
Stored cross-site scripting (XSS) vulnerability due to missing origin validation in postMessage. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 37391.
Published: 2024-02-27T16:45:53.340Z
Updated: 2024-08-02T21:37:54.289Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-48678 |
vulnerable | 2026-06-03 14:53:19.629208 |
Details available
MEDIUM (5.5)
Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 37391.
Published: 2024-02-27T16:45:00.771Z
Updated: 2024-08-16T19:22:09.595Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-48677 |
vulnerable | 2026-06-03 14:53:19.626721 |
Details available
HIGH (7.3)
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40901, Acronis Cyber Protect Cloud Agent (Windows) before build 39378, Acronis Cyber Protect 16 (Windows) before build 39938, Acronis True Image OEM (Windows) before build 42575.
Published: 2023-12-12T08:33:17.191Z
Updated: 2026-04-10T13:15:52.612Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-45248 |
vulnerable | 2026-06-03 14:53:07.860270 |
Details available
MEDIUM (6.6)
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 36497, Acronis Cyber Protect 16 (Windows) before build 37391.
Published: 2023-10-09T11:08:37.009Z
Updated: 2025-06-16T17:06:45.314Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-45247 |
vulnerable | 2026-06-03 14:53:07.859819 |
Details available
HIGH (7.1)
Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 36497, Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 39169.
Published: 2023-10-09T11:09:00.897Z
Updated: 2025-06-16T17:05:43.784Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-45246 |
vulnerable | 2026-06-03 14:53:07.859228 |
Details available
HIGH (7.1)
Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 36343, Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 39169.
Published: 2023-10-06T10:07:06.167Z
Updated: 2025-01-02T15:25:18.885Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-45244 |
vulnerable | 2026-06-03 14:53:07.853528 |
Details available
HIGH (7.1)
Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 35895, Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 37391.
Published: 2023-10-06T09:47:15.441Z
Updated: 2024-08-02T20:14:19.954Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-45241 |
vulnerable | 2026-06-03 14:53:07.852273 |
Details available
MEDIUM (4.4)
Sensitive information leak through log files. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 35739, Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 37391.
Published: 2023-10-05T21:57:23.228Z
Updated: 2024-09-20T13:12:02.515Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-44213 |
vulnerable | 2026-06-03 14:53:05.687588 |
Details available
LOW (3.3)
Sensitive information disclosure due to excessive collection of system information. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 35739, Acronis Cyber Protect 16 (Windows) before build 37391.
Published: 2023-10-05T21:56:48.957Z
Updated: 2024-09-10T15:48:22.536Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-44211 |
vulnerable | 2026-06-03 14:53:05.684176 |
Details available
HIGH (7.1)
Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 31637, Acronis Cyber Protect 16 (Linux, Windows) before build 37391.
Published: 2023-10-05T21:14:19.549Z
Updated: 2024-08-02T19:59:51.461Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.