Are Your Acronis Systems Dangerously Exposed? Critical Vulnerabilities Threaten Enterprise Security
Critical security vulnerabilities have been discovered in Acronis Cyber Protect 16, exposing millions of enterprise systems running Linux and Windows to severe cyber threats. These flaws, some achieving the maximum CVSS severity score of 10.0, enable attackers to access and manipulate sensitive data through authentication bypass mechanisms.
Vulnerability Overview
Acronis Cyber Protect 16 versions prior to build 39938 contain multiple critical security flaws that compromise system integrity. The German Federal Office for Information Security (BSI) issued warnings regarding these vulnerabilities, which were publicly disclosed on June 4, 2025.
Critical Security Flaws
The most severe vulnerabilities include:
Maximum Severity Threats (CVSS 10.0):
- CVE-2025-30411: Sensitive data disclosure and manipulation due to improper authentication
- CVE-2025-30416: Sensitive data disclosure and manipulation due to missing authorization
- CVE-2025-30412: Sensitive data disclosure and manipulation due to improper authentication
High-Risk Vulnerability (CVSS 9.8):
- CVE-2025-30410: Sensitive data disclosure and manipulation due to missing authentication, affecting Acronis Cyber Protect Cloud Agent for Linux, macOS, and Windows before build 39870
Additional Security Concerns
Beyond the critical flaws, researchers identified several other vulnerabilities:
- CVE-2025-48961: Privilege escalation through insecure folder permissions (CVSS 7.3)
- CVE-2025-48960: Weak server key implementation for TLS encryption (CVSS 5.9)
- CVE-2025-48962: Server-side request forgery enabling sensitive information theft (CVSS 4.3)
Impact Assessment
These vulnerabilities affect Acronis Cyber Protect 16, a comprehensive cybersecurity solution that integrates backup, endpoint protection, and security management. Organizations using affected versions face significant risks including:
- Unauthorized access to confidential business data
- Potential system compromise through privilege escalation
- Manipulation of backup and security configurations
- Exposure of encrypted communications through weak TLS implementation
Remediation Requirements
Acronis has released patches to address these security flaws. Organizations must immediately deploy:
- Acronis Cyber Protect 16 Update 4 for Linux, macOS, and Windows systems
- Acronis Cyber Protect Cloud Agent Update C25.03 Hotfix 2 for cloud-based deployments
The manufacturer’s delayed customer notification has raised concerns among security professionals and underscores the need for immediate patch deployment across all affected systems.
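The build thresholds above can be checked against an asset inventory. The following is an added example, not code from Acronis or from the original article: it flags hosts whose installed build is below the fixed build named in the text. The CSV layout, host names and sample build numbers are constructed assumptions.

```python
import csv
import io

# Fixed builds and CVE lists as given in the text above.
FIXED_BUILDS = {
    "Acronis Cyber Protect 16": (
        39938, ("CVE-2025-30411", "CVE-2025-30416", "CVE-2025-30412")),
    "Acronis Cyber Protect Cloud Agent": (39870, ("CVE-2025-30410",)),
}

# Constructed sample inventory; the column layout is an assumption.
SAMPLE_INVENTORY = """host,product,build
bk-srv-01,Acronis Cyber Protect 16,39938
bk-srv-02,Acronis Cyber Protect 16,37391
ws-114,Acronis Cyber Protect Cloud Agent,39869
ws-115,Acronis Cyber Protect Cloud Agent,39870
lin-db-07,Acronis Cyber Protect 16,unknown
mac-022,Some Other Agent,1200
"""


def triage(inventory_csv):
    """Return (host, status, open_cves) for every row naming a covered product."""
    findings = []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        entry = FIXED_BUILDS.get((row.get("product") or "").strip())
        if entry is None:
            continue  # product not covered by this advisory
        fixed_build, cves = entry
        try:
            build = int((row.get("build") or "").strip())
        except ValueError:
            # No usable build number: report as unverified, never as patched.
            findings.append((row["host"], "UNVERIFIED", cves))
            continue
        if build < fixed_build:
            findings.append((row["host"], "VULNERABLE", cves))
        else:
            findings.append((row["host"], "PATCHED", ()))
    return findings


if __name__ == "__main__":
    for host, status, cves in triage(SAMPLE_INVENTORY):
        print(f"{host:10} {status:10} {', '.join(cves)}")
```

Hosts reported as UNVERIFIED have no parseable build number in the inventory and need a manual check before they can be counted as patched.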