CVE-2025-30413 - Vulnerability Details - OpenCVE

Credentials are not deleted from Acronis Agent after plan revocation. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 40497, Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186.

No CVSS v4.0

No CVSS v3.1

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Acronis	Acronis Cyber Protect 17 Cyber Protect Cloud Agent

No data.

No data.

References

Link	Providers
https://www.spirityenterprise.com/virtual-ciso
https://security-advisory.acronis.com/SEC-9386
https://security-advisory.acronis.com/advisories/SEC-8658

History

Fri, 06 Mar 2026 20:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Fri, 06 Mar 2026 15:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Acronis Acronis acronis Cyber Protect 17 Acronis cyber Protect Cloud Agent
Vendors & Products		Acronis Acronis acronis Cyber Protect 17 Acronis cyber Protect Cloud Agent

Fri, 06 Mar 2026 00:00:00 +0000

Type	Values Removed	Values Added
Description		Credentials are not deleted from Acronis Agent after plan revocation. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 40497, Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186.
Weaknesses		CWE-732
References		https://security-advisory.acronis.com/SEC-9386 https://security-advisory.acronis.com/advisories/SEC-8658
Metrics		cvssV3_0 `{'score': 4.4, 'vector': 'CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N'}`

MITRE

Status: PUBLISHED

Assigner: Acronis

Published: 2026-03-05T23:56:29.887Z

Updated: 2026-03-06T19:33:57.793Z

Reserved: 2025-03-21T21:04:39.511Z

Link: CVE-2025-30413

Vulnrichment

Updated: 2026-03-06T19:29:49.242Z

NVD

Status : Received

Published: 2026-03-06T00:16:10.047

Modified: 2026-03-06T00:16:10.047

Link: CVE-2025-30413

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-30413", "assignerOrgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175", "state": "PUBLISHED", "assignerShortName": "Acronis", "dateReserved": "2025-03-21T21:04:39.511Z", "datePublished": "2026-03-05T23:56:29.887Z", "dateUpdated": "2026-03-06T19:33:57.793Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175", "shortName": "Acronis", "dateUpdated": "2026-03-05T23:56:29.887Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-732", "description": "CWE-732", "type": "CWE"}]}], "affected": [{"vendor": "Acronis", "product": "Acronis Cyber Protect Cloud Agent", "platforms": ["Linux", "macOS", "Windows"], "versions": [{"version": "unspecified", "status": "affected", "lessThan": "40497", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "Acronis", "product": "Acronis Cyber Protect 17", "platforms": ["Linux", "macOS", "Windows"], "versions": [{"version": "unspecified", "status": "affected", "lessThan": "41186", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Credentials are not deleted from Acronis Agent after plan revocation. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 40497, Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186."}], "references": [{"url": "https://security-advisory.acronis.com/advisories/SEC-8658", "name": "SEC-8658", "tags": ["vendor-advisory"]}, {"name": "SEC-9386", "url": "https://security-advisory.acronis.com/SEC-9386", "tags": ["related"]}], "credits": [{"lang": "en", "value": "Airbus SecLab (mailto:vuln@airbus.com)", "type": "finder"}, {"lang": "en", "value": "Quentin Liddell (mailto:vuln@airbus.com)", "type": "finder"}, {"lang": "en", "value": "Matt\u00e9o Ricordeau (mailto:vuln@airbus.com)", "type": "finder"}, {"lang": "en", "value": "Beno\u00eet Camredon (mailto:vuln@airbus.com)", "type": "finder"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_0": {"version": "3.0", "baseScore": 4.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"}}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-06T19:29:48.093663Z", "id": "CVE-2025-30413", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-06T19:33:57.793Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-30413", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-06T19:29:48.093663Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-06T19:29:49.242Z"}}], "cna": {"credits": [{"lang": "en", "type": "finder", "value": "Airbus SecLab (mailto:vuln@airbus.com)"}, {"lang": "en", "type": "finder", "value": "Quentin Liddell (mailto:vuln@airbus.com)"}, {"lang": "en", "type": "finder", "value": "Matt\u00e9o Ricordeau (mailto:vuln@airbus.com)"}, {"lang": "en", "type": "finder", "value": "Beno\u00eet Camredon (mailto:vuln@airbus.com)"}], "metrics": [{"format": "CVSS", "cvssV3_0": {"version": "3.0", "baseScore": 4.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Acronis", "product": "Acronis Cyber Protect Cloud Agent", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "40497", "versionType": "semver"}], "platforms": ["Linux", "macOS", "Windows"], "defaultStatus": "unaffected"}, {"vendor": "Acronis", "product": "Acronis Cyber Protect 17", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "41186", "versionType": "semver"}], "platforms": ["Linux", "macOS", "Windows"], "defaultStatus": "unaffected"}], "references": [{"url": "https://security-advisory.acronis.com/advisories/SEC-8658", "name": "SEC-8658", "tags": ["vendor-advisory"]}, {"url": "https://security-advisory.acronis.com/SEC-9386", "name": "SEC-9386", "tags": ["related"]}], "descriptions": [{"lang": "en", "value": "Credentials are not deleted from Acronis Agent after plan revocation. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 40497, Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-732", "description": "CWE-732"}]}], "providerMetadata": {"orgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175", "shortName": "Acronis", "dateUpdated": "2026-03-05T23:56:29.887Z"}}}, "cveMetadata": {"cveId": "CVE-2025-30413", "state": "PUBLISHED", "dateUpdated": "2026-03-06T19:33:57.793Z", "dateReserved": "2025-03-21T21:04:39.511Z", "assignerOrgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175", "datePublished": "2026-03-05T23:56:29.887Z", "assignerShortName": "Acronis"}, "dataVersion": "5.2"}