Acronis Cyber Protect Cloud Agent on Windows: Unauthorized Code Execution

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.3

Acronis Cyber Protect Cloud Agent on Windows: Unauthorized Code Execution

CVE-2025-11792

Summary

Malicious code can run with elevated Windows privileges. This affects Windows versions and Acronis Cyber Protect Cloud Agent versions prior to build 41124. Update to the latest version of the agent to fix this vulnerability.

What to do

No fix is available yet. Check with your software vendor for updates.

Affected software

Vendor	Product	Affected versions	Fix available
acronis	agent	<= c25.10	–

Original title

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 41124.

Original description

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 41124.

nvd CVSS3.0 7.3

Vulnerability type

CWE-427 Uncontrolled Search Path Element

https://security-advisory.acronis.com/advisories/SEC-9439

Published: 6 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026