聚合 NVD、CVE 及多源情資,深度解析 RCE 等高危風險。系統整合 CVSS 與 EPSS 模型,動態追蹤 Exploit 資源與 PoC 公開狀態,研判可利用性。結合官方修補與修復方案,優化漏洞管理優先級,縮短回應週期,保障資產安全。
指派機構(CNA / 來源):[email protected] 移除此篩選
| CVE | 描述 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|
| CVE-2024-8767 | Sensitive data disclosure and manipulation due to unnecessary privileges assignment. The following products are affected: Acronis Backup plugin for cPanel & WHM (Linux) before build 619, Acronis Backup extension for Plesk (Linux) before build 555, Acronis Backup plugin for DirectAdmin (Linux) before build 147. | 9.9 | 0.48% | 2024-09-17 | 2026-06-17 |
| CVE-2024-8766 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 38235, Acronis Cyber Protect 16 (Windows) before build 39169. | 6.7 | 0.06% | 2024-09-16 | 2026-06-17 |
| CVE-2024-34016 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 38235. | 6.5 | 0.17% | 2024-09-16 | 2026-06-17 |
| CVE-2024-34019 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Snap Deploy (Windows) before build 4569. | 7.3 | 0.10% | 2024-08-29 | 2026-06-17 |
| CVE-2024-34018 | Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Snap Deploy (Windows) before build 4569. | 5.5 | 0.15% | 2024-08-29 | 2026-06-17 |
| CVE-2024-34017 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Snap Deploy (Windows) before build 4569. | 7.3 | 0.10% | 2024-08-29 | 2026-06-17 |
| CVE-2023-45249 KEV | Remote command execution due to use of default passwords. The following products are affected: Acronis Cyber Infrastructure (ACI) before build 5.0.1-61, Acronis Cyber Infrastructure (ACI) before build 5.1.1-71, Acronis Cyber Infrastructure (ACI) before build 5.2.1-69, Acronis Cyber Infrastructure (ACI) before build 5.3.1-53, Acronis Cyber Infrastructure (ACI) before build 5.4.4-132. | 9.8 | 53.25% | 2024-07-24 | 2026-06-17 |
| CVE-2024-34013 | Local privilege escalation due to OS command injection vulnerability. The following products are affected: Acronis True Image (macOS) before build 41396, Acronis True Image OEM (macOS) before build 42571. | 7.8 | 0.58% | 2024-07-18 | 2026-06-17 |
| CVE-2022-45449 | Sensitive information disclosure due to excessive privileges assigned to Acronis Agent. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 30984. | 6.5 | 0.37% | 2024-07-16 | 2026-06-17 |
| CVE-2024-34012 | Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cloud Manager (Windows) before build 6.2.24135.272. | 4.4 | 0.08% | 2024-06-14 | 2026-06-17 |
| CVE-2024-34011 | Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 37758. | 6.8 | 0.15% | 2024-04-29 | 2026-06-17 |
| CVE-2024-34010 | Local privilege escalation due to unquoted search path vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 37758, Acronis Cyber Protect 16 (Windows) before build 38690, Acronis True Image (Windows) before build 42386, Acronis True Image OEM (Windows) before build 42575. | 8.2 | 0.20% | 2024-04-29 | 2026-06-17 |
| CVE-2023-48684 | Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 37758, Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186. | 7.1 | 0.16% | 2024-04-29 | 2026-06-17 |
| CVE-2023-48683 | Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 37758, Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 39169. | 7.1 | 0.16% | 2024-04-29 | 2026-06-17 |
| CVE-2023-48682 | Stored cross-site scripting (XSS) vulnerability in unit name. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 37391. | 5.4 | 0.33% | 2024-02-27 | 2026-06-17 |
| CVE-2023-48681 | Self cross-site scripting (XSS) vulnerability in storage nodes search field. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 37391. | 6.1 | 0.30% | 2024-02-27 | 2026-06-17 |
| CVE-2023-48680 | Sensitive information disclosure due to excessive collection of system information. The following products are affected: Acronis Cyber Protect 16 (macOS, Windows) before build 37391. | 5.5 | 0.17% | 2024-02-27 | 2026-06-17 |
| CVE-2023-48679 | Stored cross-site scripting (XSS) vulnerability due to missing origin validation in postMessage. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 37391. | 5.4 | 0.26% | 2024-02-27 | 2026-06-17 |
| CVE-2023-48678 | Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 37391. | 5.5 | 0.16% | 2024-02-27 | 2026-06-17 |
| CVE-2023-48676 | Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 36943. | 7.1 | 0.21% | 2023-12-14 | 2026-06-17 |