CVE-2026-28727
Local Privilege Escalation via Insecure Unix Socket in Acronis macOS
Publication date: 2026-03-06
Last updated on: 2026-04-02
Assigner: Acronis International GmbH
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| acronis | cyber_protect | to 17.0.41186 (exc) |
| acronis | agent | to c25.10 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-276 | During installation, installed file permissions are set to allow anyone to modify those files. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a local privilege escalation issue caused by insecure Unix socket permissions in certain Acronis products on macOS. Specifically, it affects Acronis Cyber Protect 17 before build 41186 and Acronis Cyber Protect Cloud Agent before build 41124. The insecure permissions on Unix sockets allow a local attacker to gain elevated privileges on the affected system.
How can this vulnerability impact me? :
The vulnerability can allow a local attacker to escalate their privileges on the affected macOS system. This means an attacker with limited access could gain higher-level permissions, potentially leading to unauthorized access to sensitive data, modification of system settings, or disruption of services.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
I don't know