CVE-2025-11790
Received Received - Intake
Credential Retention Vulnerability in Acronis Cyber Protect Agent

Publication date: 2026-03-06

Last updated on: 2026-03-13

Assigner: Acronis International GmbH

Description
Credentials are not deleted from Acronis Agent after plan revocation. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 41124.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-06
Last Modified
2026-03-13
Generated
2026-06-16
AI Q&A
2026-03-06
EPSS Evaluated
2026-06-14
NVD
CVE-2025-11790
EUVD
EUVD-2025-208330
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
acronis agent to c25.10 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-732 The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability occurs because credentials are not deleted from the Acronis Cyber Protect Cloud Agent after a plan is revoked. This means that even after a user or system plan is canceled or removed, the associated credentials remain stored on the agent.

Impact Analysis

The impact of this vulnerability is that sensitive credentials remain on the system even after they should have been removed. This could lead to unauthorized access or misuse of those credentials, potentially compromising the confidentiality of data.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

I don't know

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-11790. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart