Cyber Resilience

CVE-2026-28711

Severity: Medium
Published: 06 March 2026
Modified: 11 March 2026
CISA KEV: not listed
CVSS v3.0 base score: 6.3 (Medium), vector CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
EPSS score: 0.0009 (0.6th percentile)
Risk Priority: 35 (floored blend, peak EPSS)

Summary

CVE-2026-28711 is a medium-severity Uncontrolled Search Path Element (CWE-427) vulnerability in Acronis Cyber Protect 17 for Windows. Its CVSS v3.0 base score is 6.3 (Medium); the vector (AV:L, PR:L, AC:H, C:H, I:H) describes a local attacker holding a low-privileged account, a high-complexity attack, and full confidentiality and integrity impact in the affected scope once it succeeds.

Operationally, exploitation maps to MITRE ATT&CK technique T1574.001 (Hijack Execution Flow: DLL). EPSS places it at the 0.6th percentile of exploit likelihood, well below the median, and it is not currently listed in the CISA KEV catalog.

Vulnerability details

Local privilege escalation due to a DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186.
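The advisory gives no exploit details, but the detection shape for this bug class is well understood: a privileged service resolving a DLL from a directory a standard user can write to, typically under a name that should have come from System32. The script below is an added example for this page (not Acronis code, and it does not reproduce the CVE-2026-28711 exploit); it hunts for that shape in flattened Sysmon Event ID 7 (Image loaded) records. The log lines are constructed, the "ExampleVendor" install path is hypothetical, and the writable-directory and system-DLL lists are assumptions based on default Windows layouts rather than anything the advisory states.

```python
"""Hunt for DLL search-order hijacking (ATT&CK T1574.001) in Sysmon
Event ID 7 (Image loaded) records.

Added example for this advisory; it is not Acronis code and does not
reproduce the CVE-2026-28711 exploit. The sample records are constructed
and the ExampleVendor install path is hypothetical.
"""
import re

# Locations a standard user can write to under default Windows ACLs
# (assumption). A SYSTEM-level service resolving a DLL from here is the
# local privilege escalation shape described by CWE-427.
USER_WRITABLE_PREFIXES = (
    "c:\\users\\",
    "c:\\programdata\\",
    "c:\\windows\\temp\\",
)

# Locations a privileged process is expected to load code from.
TRUSTED_PREFIXES = (
    "c:\\windows\\system32\\",
    "c:\\windows\\syswow64\\",
    "c:\\program files\\",
    "c:\\program files (x86)\\",
)
SYSTEM_DIRS = ("c:\\windows\\system32\\", "c:\\windows\\syswow64\\")

# Well-known System32 DLL names that hijack payloads are often named after
# (illustrative subset, not a complete list).
SYSTEM_DLL_NAMES = {"version.dll", "dbghelp.dll", "cryptbase.dll",
                    "profapi.dll", "wtsapi32.dll"}

PRIVILEGED_ACCOUNTS = {
    "nt authority\\system",
    "nt authority\\local service",
    "nt authority\\network service",
}

# key=value pairs separated by whitespace; values may themselves contain spaces.
FIELD_RE = re.compile(r"(\w+)=(.*?)(?=\s+\w+=|$)")


def parse_event(line: str) -> dict:
    """Parse one flattened Sysmon EID 7 record into a field dict."""
    return dict(FIELD_RE.findall(line))


def classify(ev: dict) -> tuple[str, list[str]]:
    """Return (severity, reasons) for one image-load event."""
    loaded = ev["ImageLoaded"].lower()
    name = loaded.rsplit("\\", 1)[-1]
    user = ev.get("User", "").lower()
    if user not in PRIVILEGED_ACCOUNTS:
        # A user hijacking a process that already runs as them gains nothing.
        return "info", ["loader runs as an unprivileged account"]

    reasons = []
    if loaded.startswith(USER_WRITABLE_PREFIXES):
        reasons.append("privileged process loaded a DLL from a user-writable directory")
    elif not loaded.startswith(TRUSTED_PREFIXES):
        reasons.append("privileged process loaded a DLL from an unexpected directory")
    if name in SYSTEM_DLL_NAMES and not loaded.startswith(SYSTEM_DIRS):
        reasons.append(f"system DLL name {name} resolved outside System32")
    if (ev.get("Signed", "").lower() != "true"
            or ev.get("SignatureStatus", "").lower() != "valid"):
        reasons.append("DLL is unsigned or its signature did not validate")

    if len(reasons) >= 2:
        return "high", reasons
    if reasons:
        return "medium", reasons
    return "ok", []


def hunt(lines):
    """Classify every record; returns [(severity, ImageLoaded, reasons), ...]."""
    out = []
    for line in lines:
        ev = parse_event(line)
        sev, why = classify(ev)
        out.append((sev, ev["ImageLoaded"], why))
    return out


# Constructed sample records (not real telemetry).
SAMPLE_EVENTS = [
    # Expected: a SYSTEM service loads a signed DLL from System32.
    "Image=C:\\Program Files\\ExampleVendor\\agentsvc.exe "
    "ImageLoaded=C:\\Windows\\System32\\version.dll "
    "User=NT AUTHORITY\\SYSTEM Signed=true SignatureStatus=Valid",
    # Hijack: the same service resolves version.dll from a user-writable path.
    "Image=C:\\Program Files\\ExampleVendor\\agentsvc.exe "
    "ImageLoaded=C:\\ProgramData\\ExampleVendor\\version.dll "
    "User=NT AUTHORITY\\SYSTEM Signed=false SignatureStatus=Unavailable",
    # No privilege boundary crossed: a user loads their own unsigned DLL.
    "Image=C:\\Users\\alice\\tool.exe ImageLoaded=C:\\Users\\alice\\helper.dll "
    "User=CORP\\alice Signed=false SignatureStatus=Unavailable",
    # Odd but signed: SYSTEM loads a valid DLL from a non-standard directory.
    "Image=C:\\Program Files\\ExampleVendor\\agentsvc.exe "
    "ImageLoaded=C:\\Temp\\plugin.dll "
    "User=NT AUTHORITY\\SYSTEM Signed=true SignatureStatus=Valid",
]

if __name__ == "__main__":
    for sev, path, why in hunt(SAMPLE_EVENTS):
        print(f"[{sev:6}] {path}" + "".join("\n         - " + r for r in why))
```

Run against the constructed records, the second event (a SYSTEM service pulling an unsigned version.dll out of ProgramData) is the only one rated high; the fourth is flagged medium because the path is unexpected even though the signature is valid. On a real host, feed it records filtered to the Acronis service images and treat any high result as a candidate hijack, then confirm the directory ACL with icacls before escalating.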

CWE(s)

CWE-427 Uncontrolled Search Path Element
MITRE ATT&CK Enterprise Techniques

T1574.001 DLL (Hijack Execution Flow; tactics: Persistence, Privilege Escalation, Defense Evasion)
Adversaries may abuse dynamic-link library files (DLLs) in order to achieve persistence, escalate privileges, and evade defenses.
T1068 Exploitation for Privilege Escalation (tactic: Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

The CVE describes local privilege escalation via DLL hijacking (CWE-427), which maps directly to T1574.001 (Hijack Execution Flow: DLL, which in current ATT&CK versions covers both search-order hijacking and the former DLL Side-Loading sub-technique) and to T1068 (Exploitation for Privilege Escalation).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

Affected Assets

Vendor: Acronis
Product: Cyber Protect 17 (Windows)
Affected versions: builds before 41186 (< 17.0.41186)

Mitigating Controls

No mitigating controls are mapped for this CVE yet. The vendor fix is to update Acronis Cyber Protect 17 (Windows) to build 41186 or later.
