Weak Hash Algorithm Vulnerability in Acronis Cyber Protect by Acronis
CVE-2024-56414

Currently unrated

Key Information:

Vendor: Acronis
Status: Acronis Cyber Protect 16
Vendor: CVE Published:; 2 January 2025

Summary

A vulnerability exists in Acronis Cyber Protect 16 for Windows due to the use of a weak hash algorithm in the web installer integrity check. This flaw can potentially allow an attacker to manipulate the integrity of the installation process, leading to unauthorized access or execution of malicious code. The affected version includes all builds prior to 39169, necessitating prompt updates to mitigate associated security risks.

Affected Version(s)

Acronis Cyber Protect 16 Windows < 39169

References

https://security-advisory.acronis.com/advisories/SEC-1911

vendor-advisory

Timeline

Vulnerability published
Jan 2, 2025
Vulnerability Reserved
Dec 23, 2024