threat
engine
.sh
Back
·
··:··
Home
/
Product
/
acronis agent
Product
acronis agent
86 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2026-6788
< 1.25.03.0000
Uncontrolled Search Path Element vulnerability in WatchGuard Agent on Windows allows Using Malicious Files.This issue affects Wat
7.8
HIGH
CVE-2026-6787
< 1.25.03.0000
Use of Hard-coded Cryptographic Key vulnerability in WatchGuard Agent on Windows allows Inclusion of Code in Existing Process.This
7.8
HIGH
CVE-2026-41288
< 1.25.03.0000
Incorrect permission assignment for a resource in the patch management component of the WatchGuard Agent on Windows allows an auth
7.8
HIGH
CVE-2026-41286
< 1.25.03.0000
Stack-based Buffer Overflow vulnerability in the WatchGuard Agent discovery service on Windows allows Overflow Buffers. An unauthe
6.5
MEDIUM
CVE-2026-41287
< 1.25.03.0000
Stack-based Buffer Overflow vulnerability in the WatchGuard Agent discovery service on Windows allows Overflow Buffers. An unauthe
6.5
MEDIUM
CVE-2026-28727
< c25.10
Local privilege escalation due to insecure Unix socket permissions. The following products are affected: Acronis Cyber Protect 17
7.8
HIGH
CVE-2026-28713
< c23.12
Default credentials set for local privileged user in Virtual Appliance. The following products are affected: Acronis Cyber Protect
7.1
HIGH
CVE-2025-30413
< c25.07
Credentials are not deleted from Acronis Agent after plan revocation. The following products are affected: Acronis Cyber Protect C
4.4
MEDIUM
CVE-2025-11792
< c25.10
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Ag
7.3
HIGH
CVE-2025-11791
< c25.10
Sensitive information disclosure and manipulation due to insufficient authorization checks. The following products are affected: A
7.1
HIGH
CVE-2025-11790
< c25.10
Credentials are not deleted from Acronis Agent after plan revocation. The following products are affected: Acronis Cyber Protect C
4.4
MEDIUM
CVE-2025-6283
< 0.3.1
A vulnerability was found in xataio Xata Agent up to 0.3.0. It has been classified as problematic. This affects the function GET o
3.5
LOW
CVE-2025-5480
< 5.218.620.1
Action1 Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to es
7.8
HIGH
CVE-2024-8996
< 0.43.2
Unquoted Search Path or Element vulnerability in Grafana Agent (Flow mode) on Windows allows Privilege Escalation from Local User
7.3
HIGH
CVE-2024-0213
< 5.8.1
A buffer overflow vulnerability in TA for Linux and TA for MacOS prior to 5.8.1 allows a local user to gain elevated permissions,
8.2
HIGH
CVE-2023-48676
< c23.12
Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber
7.1
HIGH
CVE-2023-45248
< c23.10
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Ag
7.3
HIGH
CVE-2023-45247
< c23.10
Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber
7.1
HIGH
CVE-2023-45246
< c23.09
Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber
7.1
HIGH
CVE-2023-45245
< c23.08
Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, W
5.5
MEDIUM
CVE-2023-45244
< c23.07
Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber
7.1
HIGH
CVE-2023-45243
< c23.06
Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Ag
5.5
MEDIUM
CVE-2023-45242
< c23.06
Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Ag
5.5
MEDIUM
CVE-2023-45241
< c23.06
Sensitive information leak through log files. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS
5.5
MEDIUM
CVE-2023-45240
< c23.06
Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, W
5.5
MEDIUM
CVE-2023-44214
< c23.06
Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, W
5.5
MEDIUM
CVE-2023-44213
< c23.06
Sensitive information disclosure due to excessive collection of system information. The following products are affected: Acronis C
5.5
MEDIUM
CVE-2023-44212
< c23.01
Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Agent
7.1
HIGH
CVE-2023-44211
< c23.02
Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber
7.1
HIGH
CVE-2023-44210
all versions
Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber
5.5
MEDIUM
CVE-2023-44209
all versions
Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect Cloud Ag
7.8
HIGH
CVE-2023-4688
< c23.05
Sensitive information leak through log files. The following products are affected: Acronis Agent (Linux, macOS, Windows) before bu
5.5
MEDIUM
CVE-2023-41751
< c23.03
Sensitive information disclosure due to improper token expiration validation. The following products are affected: Acronis Agent (
5.5
MEDIUM
CVE-2023-41750
< c23.03
Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, W
5.5
MEDIUM
CVE-2023-41749
< c23.03
Sensitive information disclosure due to excessive collection of system information. The following products are affected: Acronis A
7.5
HIGH
CVE-2023-41745
<= c22.11
Sensitive information disclosure due to excessive collection of system information. The following products are affected: Acronis A
5.5
MEDIUM
CVE-2023-41744
< c22.10
Local privilege escalation due to unrestricted loading of unsigned libraries. The following products are affected: Acronis Agent (
7.8
HIGH
CVE-2023-41743
< c23.02
Local privilege escalation due to insecure driver communication port permissions. The following products are affected: Acronis Cyb
7.8
HIGH
CVE-2023-41742
< c22.09
Excessive attack surface due to binding to an unrestricted IP address. The following products are affected: Acronis Agent (Linux,
7.5
HIGH
CVE-2022-45451
< c22.10
Local privilege escalation due to insecure driver communication port permissions. The following products are affected: Acronis Cyb
7.8
HIGH
CVE-2023-1388
< 5.7.9
A heap-based overflow vulnerability in TA prior to version 5.7.9 allows a remote user to alter the page heap in the macmnsvc proce
6.3
MEDIUM
CVE-2023-0976
< 5.7.9
A command Injection Vulnerability in TA for mac-OS prior to version 5.7.9 allows local users to place an arbitrary file into the /
6.3
MEDIUM
CVE-2022-45459
< c22.07
Sensitive information disclosure due to insecure registry permissions. The following products are affected: Acronis Agent (Windows
7.5
HIGH
CVE-2022-45458
< c22.05
Sensitive information disclosure and manipulation due to improper certification validation. The following products are affected: A
7.5
HIGH
CVE-2022-45457
< c22.05
Sensitive information disclosure and manipulation due to improper certification validation. The following products are affected: A
7.5
HIGH
CVE-2022-45452
< c21.09
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Agent (Windows) before
7.8
HIGH
CVE-2022-45450
< c21.12
Sensitive information disclosure and manipulation due to improper authorization. The following products are affected: Acronis Agen
7.5
HIGH
CVE-2022-45456
< c22.08
Denial of service due to unauthenticated API endpoint. The following products are affected: Acronis Agent (Windows, macOS, Linux)
7.5
HIGH
CVE-2023-0977
<= 5.7.8
A heap-based overflow vulnerability in Trellix Agent (Windows and Linux) version 5.7.8 and earlier, allows a remote user to alter
6.7
MEDIUM
CVE-2023-0975
<= 5.7.8
A vulnerability exists in Trellix Agent for Windows version 5.7.8 and earlier, that allows local users, during install/upgrade wor
8.2
HIGH
CVE-2022-45455
< c22.07
Local privilege escalation due to incomplete uninstallation cleanup. The following products are affected: Acronis Cyber Protect Ho
7.8
HIGH
CVE-2022-45454
< c22.08
Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Agent (Windows)
7.5
HIGH
CVE-2022-3859
< 5.7.8
An uncontrolled search path vulnerability exists in Trellix Agent (TA) for Windows in versions prior to 5.7.8. This allows an att
6.7
MEDIUM
CVE-2022-2313
< 5.7.7
A DLL hijacking vulnerability in the MA Smart Installer for Windows prior to 5.7.7, which allows local users to execute arbitrary
8.2
HIGH
CVE-2022-30990
< c21.10
Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Cyber Protect 15
7.5
HIGH
CVE-2022-1258
< 5.7.6
A blind SQL injection vulnerability in the ePolicy Orchestrator (ePO) extension of MA prior to 5.7.6 can be exploited by an authen
8.4
HIGH
CVE-2022-1257
< 5.7.6
Insecure storage of sensitive information vulnerability in MA for Linux, macOS, and Windows prior to 5.7.6 allows a local user to
6.1
MEDIUM
CVE-2022-1256
< 5.7.6
A local privilege escalation vulnerability in MA for Windows prior to 5.7.6 allows a local low privileged user to gain system priv
7.8
HIGH
CVE-2022-24113
< c21.06
Local privilege escalation due to excessive permissions assigned to child processes. The following products are affected: Acronis
7.8
HIGH
CVE-2021-44204
< c21.06
Local privilege escalation via named pipe due to improper access control checks. The following products are affected: Acronis Cybe
7.8
HIGH
CVE-2022-0166
< 5.7.5
A privilege escalation vulnerability in the McAfee Agent prior to 5.7.5. McAfee Agent uses openssl.cnf during the build process to
7.8
HIGH
CVE-2021-31854
< 5.7.5
A command Injection Vulnerability in McAfee Agent (MA) for Windows prior to 5.7.5 allows local users to inject arbitrary shell cod
7.7
HIGH
CVE-2021-41090
>= 0.14.0 and < 0.20.1
Grafana Agent is a telemetry collector for sending metrics, logs, and trace data to the opinionated Grafana observability stack. P
6.5
MEDIUM
CVE-2021-34800
<= c21.06
Sensitive information could be logged. The following products are affected: Acronis Agent (Windows, Linux, macOS) before build 271
7.5
HIGH
CVE-2021-44199
all versions
DLL hijacking could lead to denial of service. The following products are affected: Acronis Cyber Protect 15 (Windows) before buil
5.5
MEDIUM
CVE-2021-31847
< 5.7.4
Improper access control vulnerability in the repair process for McAfee Agent for Windows prior to 5.7.4 could allow a local attack
8.2
HIGH
CVE-2020-14999
>= 12.5.21540 and <= 12.5.23094
A logic bug in system monitoring driver of Acronis Agent after 12.5.21540 and before 12.5.23094 allowed to bypass Windows memory p
7.5
HIGH
CVE-2021-31839
>= 5.0.0 and < 5.7.3
Improper privilege management vulnerability in McAfee Agent for Windows prior to 5.7.3 allows a local user to modify event informa
4.8
MEDIUM
CVE-2021-1257
< 5.7.6
A vulnerability in the web-based management interface of Cisco DNA Center Software could allow an unauthenticated, remote attacker
8.8
HIGH
CVE-2020-7343
< 5.7.1
Missing Authorization vulnerability in McAfee Agent (MA) for Windows prior to 5.7.1 allows local users to block McAfee product upd
5.5
MEDIUM
CVE-2019-3613
>= 5.0.0 and < 5.0.6
DLL Search Order Hijacking vulnerability in McAfee Agent (MA) prior to 5.6.4 allows attackers with local access to execute arbitra
5.9
MEDIUM
CVE-2020-7253
>= 5.5.0 and < 5.5.4
Improper access control vulnerability in masvc.exe in McAfee Agent (MA) prior to 5.6.4 allows local users with administrator privi
5.7
MEDIUM
CVE-2019-3592
>= 5.0.0 and <= 5.6.1
Privilege escalation vulnerability in McAfee Agent (MA) before 5.6.1 HF3, allows local administrator users to potentially disable
7.2
HIGH
CVE-2019-3599
>= 5.0.0 and <= 5.0.6
Information Disclosure vulnerability in Remote logging (which is disabled by default) in McAfee Agent (MA) 5.x allows remote unaut
7.5
HIGH
CVE-2019-3598
>= 5.0.0 and <= 5.0.6
Buffer Access with Incorrect Length Value in McAfee Agent (MA) 5.x allows remote unauthenticated users to potentially cause a deni
5.3
MEDIUM
CVE-2019-1559
>= 5.6.0 and <= 5.6.4
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to
5.9
MEDIUM
CVE-2018-6707
>= 5.0.0 and <= 5.0.6
Denial of Service through Resource Depletion vulnerability in the agent in non-Windows McAfee Agent (MA) 5.0.0 through 5.0.6, 5.5.
3.7
LOW
CVE-2018-6706
>= 5.0.0 and <= 5.0.6
Insecure handling of temporary files in non-Windows McAfee Agent 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows an Unprivileged User
7.5
HIGH
CVE-2018-6705
>= 5.0.0 and <= 5.0.6
Privilege escalation vulnerability in McAfee Agent (MA) for Linux 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows local users to perf
7.8
HIGH
CVE-2018-6704
>= 5.0.0 and <= 5.0.6
Privilege escalation vulnerability in McAfee Agent (MA) for Linux 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows local users to perf
7.8
HIGH
CVE-2018-6703
>= 5.0.0 and < 5.6.0
Use After Free in Remote logging (which is disabled by default) in McAfee Agent (MA) 5.x prior to 5.6.0 allows remote unaut
9.8
CRITICAL
CVE-2018-18817
< 7.0.1.0
The Leostream Agent before Build 7.0.1.0 when used with Leostream Connection Broker 8.2.72 or earlier allows remote attackers to m
7.5
HIGH
CVE-2015-8987
<= 4.8.0
Man-in-the-middle (MitM) attack vulnerability in non-Mac OS agents in McAfee (now Intel Security) Agent (MA) 4.8.0 patch 2 and ear
5.3
MEDIUM
CVE-2016-3984
<= 5.0.2.285
The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response (MAR) before 1.1.0.161, Agent (MA) 5.x before 5.0.2 Hotfix 1
5.1
MEDIUM
CVE-2013-3627
>= 4.5.0 and < 4.5.0.1927
FrameworkService.exe in McAfee Framework Service in McAfee Managed Agent (MA) before 4.5.0.1927 and 4.6 before 4.6.0.3258 allows r
CVE-2008-1357
all versions
Format string vulnerability in the logDetail function of applib.dll in McAfee Common Management Agent (CMA) 3.6.0.574 (Patch 3) an
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin