Exploitation of Vulnerability CVE-2023-45249 in Acronis Cyber Infrastructure

Critical vulnerability in Acronis Cyber Infrastructure (ACI) could be exploited to achieve remote code execution

Threat ID:: CC-4532
Threat Severity:: Medium
Published:: 29 July 2024 4:17 PM

Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

Critical vulnerability in Acronis Cyber Infrastructure (ACI) could be exploited to achieve remote code execution

Affected platforms

The following platforms are known to be affected:

Acronis Cyber Infrastructure (ACI)

all prior to 5.0.1-61
all prior to 5.1.1-71
all prior to 5.2.1-69
all prior to 5.3.1-53
all prior to 5.4.4-132

Threat details

Exploitation for CVE-2023-45249 in the wild

Acronis reports that the critical vulnerability CVE-2023-45249 is being exploited.

Introduction

Acronis has released an update for a critical vulnerability in multiple Acronis Cyber Infrastructure (ACI) build versions. Acronis ACI is a multi-tenant, hyper-converged infrastructure solution for cyber protection.

The vulnerability is tracked as CVE-2023-45249 and has a CVSS3 score of 9.8. A remote attacker could exploit this default password vulnerability to achieve remote code execution (RCE).

Remediation advice

Affected organisations are encouraged to review Acronis Security Advisory SEC-6452 and apply any relevant updates.

Definitive source of threat updates

https://security-advisory.acronis.com/advisories/SEC-6452

CVE Vulnerabilities

Status Published

CVE-2023-45249

Remote command execution due to use of default passwords. The following products are affected: Acronis Cyber Infrastructure (ACI) before build 5.0.1-61, Acronis Cyber Infrastructure (ACI) before build 5.1.1-71, Acronis Cyber Infrastructure (ACI) before build 5.2.1-69, Acronis Cyber Infrastructure (ACI) before build 5.3.1-53, Acronis Cyber Infrastructure (ACI) before build 5.4.4-132.

Last edited: 29 July 2024 4:17 pm