Vulnerabilities > Acronis
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-01-02 | CVE-2024-55540 | Uncontrolled Search Path Element vulnerability in Acronis Cyber Protect 15/16 Local privilege escalation due to DLL hijacking vulnerability. | 7.8 |
| 2025-01-02 | CVE-2024-55541 | Cross-site Scripting vulnerability in Acronis Cyber Protect 15/16 Stored cross-site scripting (XSS) vulnerability due to missing origin validation in postMessage. | 6.1 |
| 2025-01-02 | CVE-2024-55543 | Uncontrolled Search Path Element vulnerability in Acronis Cyber Protect 15/16 Local privilege escalation due to DLL hijacking vulnerability. | 7.8 |
| 2024-10-17 | CVE-2024-49386 | Privacy Violation vulnerability in Acronis Cyber Files Sensitive information disclosure due to spell-jacking. | 5.7 |
| 2024-10-17 | CVE-2024-49389 | Incorrect Default Permissions vulnerability in Acronis Cyber Files Local privilege escalation due to insecure folder permissions. | 7.8 |
| 2024-10-17 | CVE-2024-49390 | Uncontrolled Search Path Element vulnerability in Acronis Cyber Files Local privilege escalation due to DLL hijacking vulnerability. | 7.3 |
| 2024-10-17 | CVE-2024-49391 | Uncontrolled Search Path Element vulnerability in Acronis Cyber Files Local privilege escalation due to DLL hijacking vulnerability. | 7.3 |
| 2024-10-17 | CVE-2024-49392 | Cross-site Scripting vulnerability in Acronis Cyber Files Stored cross-site scripting (XSS) vulnerability on enrollment invitation page. | 4.8 |
| 2024-10-15 | CVE-2024-49382 | Unspecified vulnerability in Acronis Cyber Protect 16 Excessive attack surface in archive-server service due to binding to an unrestricted IP address. low complexity acronis | 4.3 |
| 2024-10-15 | CVE-2024-49383 | Unspecified vulnerability in Acronis Cyber Protect 16 Excessive attack surface in acep-importer service due to binding to an unrestricted IP address. low complexity acronis | 4.3 |