What is the CVSS score of CVE-2026-28714?

CVE-2026-28714 has a CVSS 3.0 base score of 4.8 (Medium). CVSS vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N. EPSS exploitation probability: 0.0%.

Which versions of Windows are affected by CVE-2026-28714?

CVE-2026-28714 presents moderate security risk rated CVSS 4.8. Exploitation could compromise the security of affected deployments.

Windows CVE-2026-28714

MEDIUM

Insufficiently Protected Credentials (CWE-522)

2026-03-06 security@acronis.com

Windows Information Disclosure Cyber Protect

4.8

CVSS 3.0

CVSS VectorNVD

CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

Attack Vector

Adjacent

Attack Complexity

High

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 22:06 vuln.today

CVE Published

Mar 06, 2026 - 00:16 nvd

MEDIUM 4.8

DescriptionNVD

Unnecessary transmission of sensitive cryptographic material. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.

AnalysisAI

Acronis Cyber Protect 17 before build 41186 transmits sensitive cryptographic material unnecessarily, allowing adjacent network attackers to potentially intercept and obtain this sensitive data under specific conditions. The vulnerability requires user interaction and affects both Linux and Windows deployments. …

RemediationAI

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. Monitor vendor channels for patch availability.

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-28714 vulnerability details – vuln.today

Back

Windows CVE-2026-28714

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code