CVE-2025-11791

Summary

Sensitive information disclosure and manipulation due to insufficient authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186, Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 41124.

Affected Software

VendorProductVersion RangeStatus
AcronisAcronis Cyber Protect 17unspecified < 41186affected
AcronisAcronis Cyber Protect Cloud Agentunspecified < 41124affected

Weaknesses

  • CWE-862: CWE-862

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References