Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 40296.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Mon, 01 Sep 2025 09:15:00 +0000

Type Values Removed Values Added
First Time appeared Acronis
Acronis cyber Protect Cloud Agent
Vendors & Products Acronis
Acronis cyber Protect Cloud Agent

Thu, 28 Aug 2025 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 28 Aug 2025 12:30:00 +0000

Type Values Removed Values Added
Description Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 40296.
Weaknesses CWE-610
References
Metrics cvssV3_0

{'score': 7.3, 'vector': 'CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Acronis

Published:

Updated: 2025-08-29T03:55:22.130Z

Reserved: 2025-05-29T00:22:59.557Z

Link: CVE-2025-48963

cve-icon Vulnrichment

Updated: 2025-08-28T13:40:57.103Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2025-08-28T10:15:32.437

Modified: 2025-08-29T16:24:09.860

Link: CVE-2025-48963

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2025-09-01T09:05:12Z