CVE-2026-28724
📋 TL;DR
This vulnerability allows unauthorized data access in Acronis Cyber Protect 17 due to insufficient access control validation. Attackers could potentially access sensitive data they shouldn't have permission to view. All users of Acronis Cyber Protect 17 before build 41186 on Linux and Windows are affected.
💻 Affected Systems
- Acronis Cyber Protect 17
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete compromise of protected data including backups, system images, and sensitive files managed by Acronis Cyber Protect.
Likely Case
Unauthorized access to specific data sets or backup files that should be restricted.
If Mitigated
Minimal impact with proper network segmentation and access controls limiting exposure.
🎯 Exploit Status
Exploitation requires some level of access to the system but not necessarily administrative privileges.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Build 41186 or later
Vendor Advisory: https://security-advisory.acronis.com/advisories/SEC-8493
Restart Required: Yes
Instructions:
1. Download Acronis Cyber Protect 17 build 41186 or later from official Acronis sources. 2. Run the installer/updater. 3. Restart the Acronis services or reboot the system as required.
🔧 Temporary Workarounds
Network Segmentation
allRestrict network access to Acronis Cyber Protect management interfaces
Use firewall rules to limit access to Acronis ports (default 9876, 443)
Access Control Hardening
allImplement strict user access controls and least privilege principles
Review and tighten user permissions in Acronis console
🧯 If You Can't Patch
- Implement strict network segmentation to isolate Acronis systems
- Enable detailed logging and monitoring for unauthorized access attempts
🔍 How to Verify
Check if Vulnerable:
Check Acronis Cyber Protect version in the management console or via 'acronis_cyber_protect --version' commandCheck Version:
acronis_cyber_protect --versionVerify Fix Applied:
Verify version is 17 build 41186 or higher in the management console📡 Detection & Monitoring
Log Indicators:
- Unauthorized access attempts in Acronis audit logs
- Unexpected data access patterns
Network Indicators:
- Unusual traffic to Acronis management ports from unauthorized sources
SIEM Query:
source="acronis_logs" AND (event_type="unauthorized_access" OR user="unknown")