Platform
linux
Component
acronis-cyber-protect-cloud-agent
Fixed versions
39870
39938
41800
CVE-2025-30410 describes a critical vulnerability in Acronis Cyber Protect Cloud Agent, impacting versions up to and including 41800 on Linux, macOS, and Windows. This vulnerability stems from a lack of authentication controls, allowing unauthorized access and potential manipulation of sensitive data. A fix is available in build 41800, and users are strongly advised to upgrade immediately.
The core of this vulnerability lies in the absence of proper authentication checks. An attacker who can exploit this flaw could potentially gain access to sensitive data stored or processed by the Acronis Cyber Protect Cloud Agent. This includes backup data, system configurations, and potentially even credentials. The ability to manipulate data introduces a further risk, allowing attackers to corrupt backups, alter system settings, or even inject malicious code. The impact is particularly severe given the nature of Acronis's product – data protection – making this a significant compromise of trust. Successful exploitation could lead to data breaches, ransomware attacks, and significant disruption of business operations.
CVE-2025-30410 was published on 2026-02-20. As of this date, there are no publicly known proof-of-concept exploits. The vulnerability's criticality (CVSS 9.8) and the potential for data compromise suggest a medium probability of exploitation. It is not currently listed on the CISA KEV catalog. Monitor threat intelligence feeds for any indications of active exploitation campaigns targeting Acronis Cyber Protect Cloud Agent.
Organizations heavily reliant on Acronis Cyber Protect Cloud Agent for data backup and recovery are particularly at risk. This includes businesses with sensitive data subject to regulatory compliance (e.g., HIPAA, GDPR). Shared hosting environments where multiple users share the same Acronis agent instance are also at increased risk, as a compromise of one user could potentially expose data for others.
• linux / server:
journalctl -u acronis-agent -g 'authentication failure'
• windows:
Get-WinEvent -LogName Security -FilterXPath "*[System[EventID=4625]]" -ErrorAction SilentlyContinue
• generic web:
Check Acronis agent endpoints for lack of authentication using curl -I <agent_endpoint> and verify that authentication is required for all sensitive operations.
disclosure
Exploitation status
EPSS
0.02% (4th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2025-30410 is to upgrade Acronis Cyber Protect Cloud Agent to build 41800 or later. If an immediate upgrade is not feasible due to compatibility issues or downtime constraints, consider implementing stricter network segmentation to limit access to the agent. Review firewall rules to ensure only authorized systems can communicate with the agent. While not a complete solution, restricting access can reduce the attack surface. Monitor system logs for unusual activity, specifically looking for unauthorized access attempts or data modification events. After upgrading, verify the fix by attempting to access agent functionalities without proper authentication credentials and confirming access is denied.
Upgrade Acronis Cyber Protect Cloud Agent to version 39870 or later, Acronis Cyber Protect 16 to version 39938 or later, or Acronis Cyber Protect 15 to version 41800 or later. This resolves the sensitive data disclosure and manipulation vulnerability caused by missing authentication.
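An added example (not from Acronis or from the original page) that triages an agent inventory against the three fixed builds listed above, one per product line. The CSV layout, the host names, the status labels and the rule that the build number is the last dotted component of the version string are assumptions.

```python
import csv
import io
import re

# Fixed builds per product line, as listed on this page.
FIXED_BUILD = {
    "cyber protect cloud agent": 39870,
    "cyber protect 16": 39938,
    "cyber protect 15": 41800,
}

# Constructed sample inventory: hosts and versions are made up for illustration.
SAMPLE_INVENTORY = """host,product,version
bk-lin-01,Acronis Cyber Protect Cloud Agent,39500
bk-lin-02,Acronis Cyber Protect Cloud Agent,25.3.39870
bk-win-07,Acronis Cyber Protect 16,16.0.39900
bk-mac-03,Acronis Cyber Protect 15,15.0.41800
bk-win-09,Acronis Cyber Protect 15,unknown
bk-lin-11,Other Backup Tool,1.2.3
"""

def build_number(version):
    """Return the build as an int, or None if it cannot be parsed.
    Assumption: the build is the whole string or its last dotted component."""
    m = re.fullmatch(r"(?:\d+\.)*(\d+)", version.strip())
    return int(m.group(1)) if m else None

def classify(product, version):
    """Map one inventory row to fixed / vulnerable / unknown-build / not-in-scope."""
    key = re.sub(r"^acronis\s+", "", product.strip().lower())
    fixed = FIXED_BUILD.get(key)
    if fixed is None:
        return "not-in-scope"
    build = build_number(version)
    if build is None:
        return "unknown-build"  # needs manual review; never assume it is patched
    return "fixed" if build >= fixed else "vulnerable"

def triage(inventory_csv):
    """Return {host: status} for every row of the CSV text."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return {r["host"]: classify(r["product"], r["version"]) for r in rows}

if __name__ == "__main__":
    print(*triage(SAMPLE_INVENTORY).items(), sep="\n")
```

Hosts reported as unknown-build belong in the same remediation queue as vulnerable ones until their build is confirmed.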
CVE-2025-30410 is a critical vulnerability in Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) where missing authentication allows unauthorized access and data manipulation, earning a CVSS score of 9.8.
You are affected if you are using Acronis Cyber Protect Cloud Agent versions prior to build 41800 on Linux, macOS, or Windows.
Upgrade to Acronis Cyber Protect Cloud Agent build 41800 or later to resolve the vulnerability. Consider network segmentation as a temporary workaround.
As of the publication date, there are no publicly known active exploitation campaigns, but the high CVSS score indicates a potential risk.
Refer to the official Acronis security advisory for detailed information and updates regarding CVE-2025-30410.