CVE-2025-30410

Acronis · Cyber Protect

Acronis Cyber Protect products are vulnerable to sensitive data disclosure and manipulation due to missing authentication in the agent components across multiple operating systems.

Executive summary

Missing authentication in Acronis Cyber Protect agents allows unauthenticated attackers to access and manipulate sensitive data on Linux, macOS, and Windows systems.

Vulnerability

This vulnerability is caused by a complete lack of authentication for certain functions within the Acronis agent. An unauthenticated attacker can interact with the agent to disclose sensitive information or manipulate data on the host system.

Business impact

The impact is severe because backup and protection software typically runs with high-level system privileges. An attacker could compromise the integrity of backups or steal confidential corporate data. The CVSS score of 9.8 reflects the critical risk to data sovereignty and system security across the entire enterprise.

Remediation

Immediate Action: Update all Acronis Cyber Protect agents to the builds specified in the vendor advisory (e.g., build 39870 for Cloud Agent, 39938 for CP 16).

Proactive Monitoring: Audit agent logs for unauthorized connections and monitor for unexpected changes to backup configurations or data access patterns.

Compensating Controls: Use network segmentation to isolate systems running the Acronis agent and restrict management traffic to authorized administrative hosts only.
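To support the Immediate Action step, the following added example (not Acronis tooling and not part of the vendor advisory) checks an agent inventory against the two fixed builds named above. The CSV layout, hostnames, product labels and sample rows are constructed assumptions; products whose fixed build is not stated on this page are reported as UNKNOWN rather than guessed.

```python
import csv
import io

# Minimum fixed builds named on this page; other products are listed
# only in the vendor advisory, so they are reported as UNKNOWN here.
FIXED_BUILDS = {"Cloud Agent": 39870, "CP 16": 39938}

# Constructed sample inventory (hostnames, column names and values are made up).
SAMPLE_INVENTORY = """host,os,product,build
bk-lin-01,Linux,Cloud Agent,39870
bk-win-02,Windows,Cloud Agent,39512
bk-mac-03,macOS,CP 16,39938
bk-win-04,Windows,CP 16,38690
bk-lin-05,Linux,CP 16,
bk-win-06,Windows,CP 15,35979
"""


def classify(product, build_field):
    """Return PATCHED, VULNERABLE or UNKNOWN for one agent record."""
    minimum = FIXED_BUILDS.get(product.strip())
    if minimum is None:
        return "UNKNOWN"  # product not covered by the builds on this page
    try:
        build = int(build_field.strip())
    except ValueError:
        return "UNKNOWN"  # missing or non-numeric build: verify on the host
    return "PATCHED" if build >= minimum else "VULNERABLE"


def audit(inventory_csv):
    """Group hosts by status so unpatched and unverifiable agents stand out."""
    report = {"PATCHED": [], "VULNERABLE": [], "UNKNOWN": []}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        status = classify(row.get("product") or "", row.get("build") or "")
        report[status].append(row["host"])
    return report


if __name__ == "__main__":
    for status, hosts in audit(SAMPLE_INVENTORY).items():
        print(f"{status:<10} {', '.join(hosts) or '-'}")
```

Hosts in the UNKNOWN group need a manual check against the vendor advisory before they are counted as remediated.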

Exploitation status

Public Exploit Available: No

Analyst recommendation

Organizations relying on Acronis for disaster recovery and protection must apply the latest builds immediately. Missing authentication in a security product is a critical failure that can be easily exploited to undermine an organization's entire data protection strategy.