CVE-2023-5042

MEDIUM 5.5

CVSS Score

5.5

EPSS Score

0.1%

EPSS Percentile

25th

Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40713, Acronis True Image OEM (Windows) before build 42575.

CWE	CWE-276
Vendor	acronis
Product	acronis cyber protect home office
Published	Sep 20, 2023
Last Updated	Apr 10, 2026

Stay Ahead of the Next One

Get instant alerts for acronis acronis cyber protect home office

Be the first to know when new medium vulnerabilities affecting acronis acronis cyber protect home office are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Versions

Acronis / Acronis Cyber Protect Home Office

unspecified < 40713

Acronis / Acronis True Image OEM

unspecified < 42575

References

NVD ↗ CVE.org ↗ EPSS Data ↗

security-advisory.acronis.com: https://security-advisory.acronis.com/advisories/SEC-5330

Credits

@tkoyeung (https://hackerone.com/tkoyeung)