Acronis Cyber Protect 17 Exposes Sensitive Data Due to Browser Misconfiguration

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

5.5

Acronis Cyber Protect 17 Exposes Sensitive Data Due to Browser Misconfiguration

CVE-2026-28725

Summary

If not configured properly, Acronis Cyber Protect 17 may leak sensitive information. This affects all versions before build 41186 on Linux and Windows. To protect your data, update to the latest version or reconfigure your browser settings as per the vendor's instructions.

What to do

No fix is available yet. Check with your software vendor for updates.

Affected software

Vendor	Product	Affected versions	Fix available
acronis	cyber_protect	<= 17.0.41186	–

Original title

Sensitive information disclosure due to improper configuration of a headless browser. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.

Original description

Sensitive information disclosure due to improper configuration of a headless browser. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.

nvd CVSS3.0 5.5

Vulnerability type

CWE-732 Incorrect Permission Assignment for Critical Resource

https://security-advisory.acronis.com/advisories/SEC-8695

Published: 6 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026