HIGHCVE-2026-28713Published 2026-03-05Modified 2026-03-07CNA Acronis

CVE-2026-28713: Default credentials set for local privileged user in Virtual Appliance

Default credentials set for local privileged user in Virtual Appliance. The following products are affected: Acronis Cyber Protect Cloud Agent (VMware) before build 36943, Acronis Cyber Protect 17 (VMware) before build 41186.

CVSS v3.0: 7.1
Severity: HIGH
Fixed in: 36943
Affected Products: 2

Fix available

3694341186

Affected packages

Acronis / Acronis Cyber Protect Cloud Agent
< 36943 (from unspecified)
Acronis / Acronis Cyber Protect 17
< 41186 (from unspecified)

CVSS Vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L

References

SEC-4168

Metrics

Fix available