CVE-2026-41220

Improper Input Validation Allowing Local Privilege Escalation in Acronis DeviceLock DLP and Cyber Protect Cloud Agent

Description

Local privilege escalation due to improper input validation. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.93212, Acronis Cyber Protect Cloud Agent (Windows) before build 42183.

INFO

Published Date :

2026-04-29T13:43:36.083Z

Last Modified :

2026-04-29T15:41:49.160Z

Source :

Acronis

AFFECTED PRODUCTS

The following products are affected by CVE-2026-41220 vulnerability.

Vendors	Products
Acronis	Cyber Protect Cloud Agent Devicelock Dlp

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-41220.

URL	Resource
https://security-advisory.acronis.com/advisories/SEC-10296

CVSS Vulnerability Scoring System

V3.0

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact