Severity Level: Critical
Title:
Exploited Vulnerability in Acronis Cyber Infrastructure
Timestamp:
Tuesday July 30, 2024
Summary:
CVE-2023-45249 | CVSS score: 9.8 - Critical | Insecure Default Password Vulnerability o The security defect impacts Acronis Cyber Infrastructure (ACI) and allows threat actors to execute arbitrary code remotely due to the use of default passwords.
Affected Versions:
• Acronis Cyber Infrastructure (ACI) before build 5.0.1-61
• Acronis Cyber Infrastructure (ACI) before build 5.1.1-71
• Acronis Cyber Infrastructure (ACI) before build 5.2.1-69
• Acronis Cyber Infrastructure (ACI) before build 5.3.1-53
• Acronis Cyber Infrastructure (ACI) before build 5.4.4-132
Fixed Versions:
• Acronis Cyber Infrastructure 5.4 update 4.2
• Acronis Cyber Infrastructure 5.2 update 1.3
• Acronis Cyber Infrastructure 5.3 update 1.3
• Acronis Cyber Infrastructure 5.0 update 1.4
• Acronis Cyber Infrastructure 5.1 update 1.2
Recommendations:
applying the security updates recently released by Acronis
References:
For references :
Click here