HIGHCVE-2026-41220Published 2026-04-29Modified 2026-04-29CNA Acronis

CVE-2026-41220: Local privilege escalation due to improper input validation

Local privilege escalation due to improper input validation. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.93212, Acronis Cyber Protect Cloud Agent (Windows) before build 42183.

CVSS v3.0: 7.8
Severity: HIGH
Fixed in: 9.0.93212
Affected Products: 2

Fix available

9.0.9321242183

Affected packages

Acronis / Acronis DeviceLock DLP
< 9.0.93212 (from unspecified)
Acronis / Acronis Cyber Protect Cloud Agent
< 42183 (from unspecified)

CVSS Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

SEC-10296

Metrics

Fix available