CVE-2025-30416 — CRITICAL (10.0)

Vulnerability Description

Sensitive data disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39938, Acronis Cyber Protect 15 (Linux, Windows) before build 41800.

CVSS Score

10.0

CRITICAL

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Acronis	Cyber Protect	15
Linux	Linux Kernel	All versions
Microsoft	Windows	All versions

Related Weaknesses (CWE)

CWE-862

References

https://security-advisory.acronis.com/advisories/SEC-8766Vendor Advisory

FAQ

What is CVE-2025-30416?

CVE-2025-30416 is a vulnerability with a CVSS score of 10.0 (CRITICAL). Sensitive data disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39938, Acronis Cyber Protect 15 (Li...

How severe is CVE-2025-30416?

CVE-2025-30416 has been rated CRITICAL with a CVSS base score of 10.0/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2025-30416?

Check the references section above for vendor advisories and patch information. Affected products include: Acronis Cyber Protect, Linux Linux Kernel, Microsoft Windows.