CVE-2025-24831

CVSS 3.1 Score 6.6 of 10 (medium)

Details

Published Jan 31, 2025
CWE ID 428

Summary

CVE-2025-24831 is a local privilege escalation vulnerability affecting Acronis Cyber Protect Cloud Agent for Windows. The issue arises due to an unquoted search path in the software, which can be exploited by attackers to gain elevated system privileges. This vulnerability can lead to significant security risks, including unauthorized access to sensitive data or system modifications. The affected version of Acronis Cyber Protect Cloud Agent is before build 39378. It is strongly recommended that users update their software to the latest version to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share