PT-2026-35925 · Acronis · Devicelock Dlp+1

Kolja Grassmann

Published

2026-04-29

Updated

2026-04-29

CVE-2026-41220

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Acronis DeviceLock DLP (Windows) versions prior to 9.0.93212 Acronis Cyber Protect Cloud Agent (Windows) versions prior to 42183

Description Local privilege escalation occurs due to improper input validation, which is a failure of the application to correctly verify the data it receives, potentially allowing an attacker to gain higher permissions on the system.

Recommendations Update Acronis DeviceLock DLP (Windows) to build 9.0.93212 or later. Update Acronis Cyber Protect Cloud Agent (Windows) to build 42183 or later.

Fix

LPE

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

CVE-2026-41220

Affected Products

Cyber Protect Cloud Agent

Devicelock Dlp

PT-2026-35925 · Acronis · Devicelock Dlp+1

CVE-2026-41220

Weakness Enumeration

Related Identifiers

Affected Products

References · 4