Critical Flaw in Acronis Cyber Infrastructure Exploited in the Wild

Cyber Security

Products You May Like

Jul 29, 2024Ravie LakshmananEnterprise Security / Data Protection

Cybersecurity company Acronis is warning that a now-patched critical security flaw impacting its Cyber Infrastructure (ACI) product has been exploited in the wild.

The vulnerability, tracked as CVE-2023-45249 (CVSS score: 9.8), concerns a case of remote code execution that stems from the use of default passwords.

The flaw impacts the following versions of Acronis Cyber Infrastructure (ACI) –

  • < build 5.0.1-61
  • < build 5.1.1-71
  • < build 5.2.1-69
  • < build 5.3.1-53, and
  • < build 5.4.4-132

It has been addressed in versions 5.4 update 4.2, 5.2 update 1.3, 5.3 update 1.3, 5.0 update 1.4, and 5.1 update 1.2 released in late October 2023.

Cybersecurity

There are currently no details on how the vulnerability is being weaponized in real-world cyber attacks and the identity of the threat actors that may be exploiting it.

However, the Swiss-headquartered company acknowledged reports of active exploitation in an updated advisory last week. “This vulnerability is known to be exploited in the wild,” it said.

Users of affected versions of ACI are recommended to update to the latest version to mitigate potential threats.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

Products You May Like

Articles You May Like

Infinix Hot 50 5G India Launch Date Set for September 5; Design, Key Features Revealed Ahead of Debut
Black Myth: Wukong Said to Be Delayed on Xbox Due to Exclusivity Deal Between Sony, Game Science
The sneaky way Big Tech is acquiring AI unicorns without buying the companies
Xiaomi 14T, Xiaomi 14T Pro Pricing and Key Specifications Leaked Ahead of Anticipated Debut
IC 814: The Kandahar Hijack Review: A Thoroughly Researched Series That Points the Finger at the System

Leave a Reply

Your email address will not be published. Required fields are marked *