CVE-2025-30408 MEDIUM

CVE-2025-30408

Vendor Acronis
Product Acronis Cyber Protect Cloud Agent
Weakness CWE-732
Published April 24, 2025
Last update February 26, 2026

CVSS base score

6.7/10
Attack vector Local
Attack complexity High
Privileges required Low
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 39904, Acronis Cyber Protect 16 (Windows) before build 39938.

Key dates

02Disclosure timeline

April 24, 2025 CVE published
February 26, 2026 Record updated