CVE-2025-30410 · CRITICAL · CVSS 9.8

Sensitive data disclosure and manipulation due to missing authentication. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 39870, Acronis Cyb


Platform: linux

Component: acronis-cyber-protect-cloud-agent

Fixed in: 39870, 39938, 41800

AI Confidence: high · NVD · EPSS 0.0% · Revised: May 2026

CVE-2025-30410 describes a critical vulnerability in Acronis Cyber Protect Cloud Agent, impacting versions up to and including 41800 on Linux, macOS, and Windows. This vulnerability stems from a lack of authentication controls, allowing unauthorized access and potential manipulation of sensitive data. A fix is available in build 41800, and users are strongly advised to upgrade immediately.

Impact and Attack Scenarios

The core of this vulnerability lies in the absence of proper authentication checks. An attacker who can exploit this flaw could potentially gain access to sensitive data stored or processed by the Acronis Cyber Protect Cloud Agent. This includes backup data, system configurations, and potentially even credentials. The ability to manipulate data introduces a further risk, allowing attackers to corrupt backups, alter system settings, or even inject malicious code. The impact is particularly severe given the nature of Acronis's product – data protection – making this a significant compromise of trust. Successful exploitation could lead to data breaches, ransomware attacks, and significant disruption of business operations.

Exploitation Context

CVE-2025-30410 was published on 2026-02-20. As of this date, there are no publicly known proof-of-concept exploits. The vulnerability's criticality (CVSS 9.8) and the potential for data compromise suggest a medium probability of exploitation. It is not currently listed on the CISA KEV catalog. Monitor threat intelligence feeds for any indications of active exploitation campaigns targeting Acronis Cyber Protect Cloud Agent.

Who Is at Risk

Organizations heavily reliant on Acronis Cyber Protect Cloud Agent for data backup and recovery are particularly at risk. This includes businesses with sensitive data subject to regulatory compliance (e.g., HIPAA, GDPR). Shared hosting environments where multiple users share the same Acronis agent instance are also at increased risk, as a compromise of one user could potentially expose data for others.

Detection Steps

• linux / server:

journalctl -u acronis-agent -g 'authentication failure'

• windows:

Get-WinEvent -LogName Security -FilterXPath "*[System[EventID=4625]]" -ErrorAction SilentlyContinue

• generic web: Check Acronis agent endpoints for lack of authentication using curl -I <agent_endpoint> and verify that authentication is required for all sensitive operations.

Attack Timeline

  1. Disclosure

Threat Intelligence

Exploit Status

Proof of Concept: Unknown
CISA KEV: NO
Internet Exposure: High

EPSS

0.02% (percentile 4%)

CISA SSVC

Exploitation: none
Automatable: yes
Technical Impact: total

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H · 9.8 CRITICAL (nextguardhq.com · CVSS v3.1 base score)

• Attack Vector: Network (how the attacker reaches the target)
• Attack Complexity: Low (conditions required to exploit)
• Privileges Required: None (level of authentication required)
• User Interaction: None (whether victim action is required)
• Scope: Unchanged (impact beyond the affected component)
• Confidentiality: High (risk of sensitive data exposure)
• Integrity: High (risk of unauthorized data modification)
• Availability: High (risk of service disruption)

What do these metrics mean?

Attack Vector
Network: exploitable remotely over the internet. No physical or local access required.
Attack Complexity
Low: no special conditions required. Reliably exploitable.
Privileges Required
None: unauthenticated. No credentials required to exploit.
User Interaction
None: automatic and silent attack. The victim does nothing.
Scope
Unchanged: impact limited to the vulnerable component.
Confidentiality
High: total loss of confidentiality. The attacker can read all data.
Integrity
High: the attacker can write, modify or delete all data.
Availability
High: complete outage or resource exhaustion. Total denial of service.

Affected Software

Component: acronis-cyber-protect-cloud-agent
Vendor: Acronis

Affected range | Fixed in
unspecified – 39869 | 39870
unspecified – 39937 | 39938
unspecified – 41799 | 41800

Weakness Classification (CWE)

Timeline

  1. Reserved
  2. Published
  3. Modified
  4. EPSS updated

Mitigation and Workarounds

The primary mitigation for CVE-2025-30410 is to upgrade Acronis Cyber Protect Cloud Agent to build 41800 or later. If an immediate upgrade is not feasible due to compatibility issues or downtime constraints, consider implementing stricter network segmentation to limit access to the agent. Review firewall rules to ensure only authorized systems can communicate with the agent. While not a complete solution, restricting access can reduce the attack surface. Monitor system logs for unusual activity, specifically looking for unauthorized access attempts or data modification events. After upgrading, verify the fix by attempting to access agent functionalities without proper authentication credentials and confirming access is denied.

How to Fix

Upgrade Acronis Cyber Protect Cloud Agent to version 39870 or later, Acronis Cyber Protect 16 to version 39938 or later, or Acronis Cyber Protect 15 to version 41800 or later. This resolves the sensitive data disclosure and manipulation vulnerability caused by missing authentication.
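
The fixed build differs per product line, so a single threshold applied across a fleet misclassifies hosts. The following added example (not part of the original page and not Acronis tooling) triages an inventory export against the per-product builds given above; the CSV layout, host names and function names are assumptions.

```python
import csv
import io

# Fixed builds per product line, as stated in the fix guidance on this page.
FIXED_BUILD = {
    "Acronis Cyber Protect Cloud Agent": 39870,
    "Acronis Cyber Protect 16": 39938,
    "Acronis Cyber Protect 15": 41800,
}

# Constructed sample inventory (hypothetical hosts and export format).
SAMPLE_INVENTORY = """host,product,build
bkp-lin-01,Acronis Cyber Protect Cloud Agent,39869
bkp-win-02,Acronis Cyber Protect Cloud Agent,39870
srv-mac-03,Acronis Cyber Protect 16,39900
srv-win-04,Acronis Cyber Protect 15,41800
srv-lin-05,Acronis Cyber Protect 15,39938
srv-lin-06,Acronis Cyber Protect 15,
srv-lin-07,Unlisted Product,12345
"""


def classify(product, build):
    """Return 'vulnerable', 'patched' or 'review' for one installation."""
    fixed = FIXED_BUILD.get(product.strip())
    if fixed is None:
        return "review"  # product line not covered by the page's guidance
    try:
        installed = int(build.strip())
    except ValueError:
        return "review"  # missing or malformed build: never assume patched
    return "vulnerable" if installed < fixed else "patched"


def triage(inventory_csv):
    """Map each host in a host,product,build CSV to its status."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return {r["host"]: classify(r["product"] or "", r["build"] or "") for r in rows}


if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host}\t{status}")
```

Build 39938 is reported as patched for Acronis Cyber Protect 16 but vulnerable for Acronis Cyber Protect 15, which is the case a single fleet-wide threshold gets wrong.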


Frequently Asked Questions

What is CVE-2025-30410 — Sensitive Data Leak in Acronis Cyber Protect Cloud Agent?

CVE-2025-30410 is a critical vulnerability in Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) where missing authentication allows unauthorized access and data manipulation, earning a CVSS score of 9.8.

Am I affected by CVE-2025-30410 in Acronis Cyber Protect Cloud Agent?

You are affected if you are using Acronis Cyber Protect Cloud Agent versions prior to build 41800 on Linux, macOS, or Windows.

How do I fix CVE-2025-30410 in Acronis Cyber Protect Cloud Agent?

Upgrade to Acronis Cyber Protect Cloud Agent build 41800 or later to resolve the vulnerability. Consider network segmentation as a temporary workaround.

Is CVE-2025-30410 being actively exploited?

As of the publication date, there are no publicly known active exploitation campaigns, but the high CVSS score indicates a potential risk.

Where can I find the official Acronis advisory for CVE-2025-30410?

Refer to the official Acronis security advisory for detailed information and updates regarding CVE-2025-30410.
