Weak TLS Encryption Vulnerability in Acronis Cyber Protect 16
CVE-2025-48960

5.9MEDIUM

Key Information:

Vendor: Acronis
Status: Acronis Cyber Protect 16
Vendor: CVE Published:; 4 June 2025

What is CVE-2025-48960?

Acronis Cyber Protect 16 is affected by a vulnerability that arises from the use of a weak server key for TLS encryption. This flaw can expose sensitive information and compromise the integrity of data transmitted over secure connections. Users running versions prior to build 39938 on Linux, macOS, and Windows platforms should be aware of this significant security issue and take appropriate actions to mitigate risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Acronis Cyber Protect 16 Linux < 39938

References

https://security-advisory.acronis.com/advisories/SEC-6403

vendor-advisory

CVSS V3.0

Score:

5.9

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

High

Availability:

Low

Attack Vector:

Adjacent Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 4, 2025
Vulnerability Reserved
May 29, 2025

JSON

Acronis