CVE-2024-55542 MEDIUM

CVE-2024-55542

Vendor Acronis
Product Acronis Cyber Protect 16
Weakness CWE-266
Published January 2, 2025
Last update February 26, 2026

CVSS base score

4.4/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

What the vulnerability does

01Description

Local privilege escalation due to excessive permissions assigned to Tray Monitor service. The following products are affected: Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 39169, Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 35895.

Key dates

02Disclosure timeline

January 2, 2025 CVE published
February 26, 2026 Record updated