Cloud Agent of Acronis Cyber Protect is found to have security weaknesses

Cloud Agent of Acronis Cyber Protect is found to have security weaknesses

A significant security vulnerability, identified as CVE-205-9578, has been discovered in the Acronis Cyber Protect Cloud Agent for Windows systems. The threat level of this vulnerability is "high", indicating a significant risk.

The vulnerability was reported by a security researcher via the bug bounty platform HackerOne around July 20, 2025. The German Federal Office for Information Security (BSI) published a report on the same date.

According to the report, the vulnerability involves improper privilege assignment for certain resources, potentially allowing attackers to exploit it. Successful exploitation of this vulnerability could enable attackers to manipulate data and gain higher user privileges, posing a risk to the system and its data.

Acronis has addressed this issue by patching version C25.08 of their software. However, all versions up to and including build 40734 are reportedly still vulnerable to the CVE-205-9578 vulnerability.

It's important to note that there are no indications of ongoing attacks related to this vulnerability at this time. The developers have not disclosed any information about ongoing attacks related to the CVE-205-9578 vulnerability.

The website c't 3003 and our website are associated with the reporting of the CVE-205-9578 vulnerability. However, further details about the nature of the videos by the website c't 3003 have not been provided.

The security researcher who reported the vulnerability was rewarded with 250 US dollars. It's worth mentioning that as early as June this year, the developers fixed a "critical" vulnerability in Acronis Cyber Protect.

It's crucial for users of the Acronis Cyber Protect Cloud Agent for Windows systems to update their software to the latest version, C25.08, to ensure their systems are protected against this vulnerability.

Peertube is not directly related to the CVE-205-9578 vulnerability reporting. Users of Peertube should not confuse this vulnerability with any issues in their service.

Stay vigilant and keep your systems updated to protect against potential security threats. For more information about the CVE-205-9578 vulnerability, we recommend visiting the official Acronis website or the HackerOne platform.

Read also:

• Oxidative Stress in Sperm Abnormalities: Impact of Reactive Oxygen Species (ROS) on Sperm Harm
• Is it possible to receive the hepatitis B vaccine more than once?
• Transgender Individuals and Menopause: A Question of Occurrence?
• Genetically manipulated rabbits sprout ominous black horns on their heads