Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.1
Acronis Cyber Protect Cloud Agent and Cyber Protect 17: Default Admin Passwords Exposed
CVE-2026-28713
Summary
Acronis Cyber Protect Cloud Agent and Cyber Protect 17 for VMware have a default admin password that hasn't been changed. This means that anyone who knows the default password can access the system with full privileges, which is a serious security risk. You should change the default password to a strong, unique one to prevent unauthorized access.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| acronis | agent | <= c23.12 | – |
| acronis | cyber_protect | <= 17.0.41186 | – |
Original title
Default credentials set for local privileged user in Virtual Appliance. The following products are affected: Acronis Cyber Protect Cloud Agent (VMware) before build 36943, Acronis Cyber Protect 17 ...
Original description
Default credentials set for local privileged user in Virtual Appliance. The following products are affected: Acronis Cyber Protect Cloud Agent (VMware) before build 36943, Acronis Cyber Protect 17 (VMware) before build 41186.
nvd CVSS3.0
7.1
Vulnerability type
CWE-1392
Published: 6 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026