CVE-2025-30410

Summary

Sensitive data disclosure and manipulation due to missing authentication. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 39870, Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 39938, Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 41800.

Affected Software

VendorProductVersion RangeStatus
AcronisAcronis Cyber Protect Cloud Agentunspecified < 39870affected
AcronisAcronis Cyber Protect 16unspecified < 39938affected
AcronisAcronis Cyber Protect 15unspecified < 41800affected

Weaknesses

  • CWE-306: CWE-306

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References