Acronis Cyber Protect Leaks Sensitive Encryption Keys

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

4.8

Acronis Cyber Protect Leaks Sensitive Encryption Keys

CVE-2026-28714

Summary

Acronis Cyber Protect versions before 41186 on Linux and Windows may inadvertently share encryption keys, potentially exposing sensitive data. This issue matters because it could allow unauthorized access to encrypted files. Users should update to version 41186 or later to prevent this risk.

What to do

No fix is available yet. Check with your software vendor for updates.

Affected software

Vendor	Product	Affected versions	Fix available
acronis	cyber_protect	<= 17.0.41186	–

Original title

Unnecessary transmission of sensitive cryptographic material. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.

Original description

Unnecessary transmission of sensitive cryptographic material. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.

nvd CVSS3.0 4.8

Vulnerability type

CWE-522 Insufficiently Protected Credentials

https://security-advisory.acronis.com/advisories/SEC-5383

Published: 6 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026