Acronis Cyber Protect Missing Authentication Vulnerability (CVE-2025-30410)

Key Information Summary Vulnerability Details Title: Sensitive data disclosure and manipulation due to missing authentication CVE ID: CVE-2025-30410 Severity: CRITICAL SEVERITY Affected Products Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 39870 Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 39938 Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 41800 Update Records Acronis Cyber Protect 15 Update 7: UPD-2601-0686-baf3, published 11 days ago Acronis Cyber Protect 16 Update 4: UPD-2503-47f5-680e, published 10 months ago Acronis Cyber Protect Cloud Agent update C25.03 hotfix 2: UPD-2504-5793-1703, published 10 months ago CVSS Score Score: 9.8 Critical Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CWEs CWE-306: Missing Authentication for Critical Function Contributors Airbus SecLab Quentin Liddell Matthéo Ricordeau Benoît Camredon

Goal Reached Thanks to every supporter — we hit 100%!

Acronis Cyber Protect Missing Authentication Vulnerability (CVE-2025-30410)