Acronis Cyber Protect 17 for Windows: Unprivileged Access to Admin Tools

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

6.3

Acronis Cyber Protect 17 for Windows: Unprivileged Access to Admin Tools

CVE-2026-28712

Summary

Older versions of Acronis Cyber Protect 17 for Windows have a security weakness that allows a malicious program to gain elevated privileges. This could potentially allow an attacker to access and manipulate sensitive system settings. Update to version 41186 or later to fix this issue.

What to do

No fix is available yet. Check with your software vendor for updates.

Affected software

Vendor	Product	Affected versions	Fix available
acronis	cyber_protect	<= 17.0.41186	–

Original title

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186.

Original description

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186.

nvd CVSS3.0 6.3

Vulnerability type

CWE-427 Uncontrolled Search Path Element

https://security-advisory.acronis.com/advisories/SEC-2332

Published: 6 Mar 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026