CVE Vulnerabilities

CVE-2025-48963

Externally Controlled Reference to a Resource in Another Sphere

Published: Aug 28, 2025 | Modified: Aug 28, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 40296.

Weakness

The product uses an externally controlled name or reference that resolves to a resource that is outside of the intended control sphere.

References