CVE-2025-9578
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-08-28
Last updated on: 2025-08-29
Assigner: Acronis International GmbH
Description
Description
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 40734.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| acronis | cyber_protect_cloud_agent | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-732 | The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a local privilege escalation caused by insecure folder permissions in the Acronis Cyber Protect Cloud Agent (Windows) before build 40734. It allows a user with limited privileges to gain higher-level access on the affected system.
How can this vulnerability impact me? :
The vulnerability can allow an attacker with local access to escalate their privileges, potentially leading to full control over the affected system. This can result in unauthorized access to sensitive data, system modification, or disruption of services.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70