{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-30410", "assignerOrgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175", "state": "PUBLISHED", "assignerShortName": "Acronis", "dateReserved": "2025-03-21T21:04:39.511Z", "datePublished": "2026-02-20T00:31:05.697Z", "dateUpdated": "2026-02-20T20:48:15.907Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175", "shortName": "Acronis", "dateUpdated": "2026-02-20T00:31:05.697Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-306", "description": "CWE-306", "type": "CWE"}]}], "affected": [{"vendor": "Acronis", "product": "Acronis Cyber Protect Cloud Agent", "platforms": ["Linux", "macOS", "Windows"], "versions": [{"version": "unspecified", "status": "affected", "lessThan": "39870", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "Acronis", "product": "Acronis Cyber Protect 16", "platforms": ["Linux", "macOS", "Windows"], "versions": [{"version": "unspecified", "status": "affected", "lessThan": "39938", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "Acronis", "product": "Acronis Cyber Protect 15", "platforms": ["Linux", "macOS", "Windows"], "versions": [{"version": "unspecified", "status": "affected", "lessThan": "41800", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Sensitive data disclosure and manipulation due to missing authentication. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 39870, Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 39938, Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 41800."}], "references": [{"url": "https://security-advisory.acronis.com/advisories/SEC-8641", "name": "SEC-8641", "tags": ["vendor-advisory"]}], "credits": [{"lang": "en", "value": "Airbus SecLab (mailto:[email protected])", "type": "finder"}, {"lang": "en", "value": "Quentin Liddell (mailto:[email protected])", "type": "finder"}, {"lang": "en", "value": "Matt\u00e9o Ricordeau (mailto:[email protected])", "type": "finder"}, {"lang": "en", "value": "Beno\u00eet Camredon (mailto:[email protected])", "type": "finder"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_0": {"version": "3.0", "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-20T20:47:47.601790Z", "id": "CVE-2025-30410", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-20T20:48:15.907Z"}}]}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Sensitive data disclosure and manipulation due to missing authentication. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 39870, Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 39938, Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 41800."}], "id": "CVE-2025-30410", "lastModified": "2026-02-20T13:49:47.623", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "[email protected]", "type": "Secondary"}]}, "published": "2026-02-20T01:15:59.270", "references": [{"source": "[email protected]", "url": "https://security-advisory.acronis.com/advisories/SEC-8641"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-306"}], "source": "[email protected]", "type": "Primary"}]}

{}