This page lists publicly disclosed CVE vulnerabilities affecting acronis cyber_files (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2024-49392 | Stored cross-site scripting (XSS) vulnerability on enrollment invitation page. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24. | [email protected] | 4.8 | 0.21% | 2024-10-17 | 2026-06-17 |
| CVE-2024-49391 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24. | [email protected] | 7.3 | 0.07% | 2024-10-17 | 2026-06-17 |
| CVE-2024-49390 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24. | [email protected] | 7.3 | 0.17% | 2024-10-17 | 2026-06-17 |
| CVE-2024-49389 | Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24. | [email protected] | 7.8 | 0.05% | 2024-10-17 | 2026-06-17 |
| CVE-2024-49386 | Sensitive information disclosure due to spell-jacking. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24. | [email protected] | 5.7 | 0.16% | 2024-10-17 | 2026-06-17 |