CVE-2023-45249 - Acronis Cyber Infrastructure (ACI) Insecure Default Password Vulnerability

CVE-2023-45249: Acronis | Cyber Infrastructure (ACI)

Date Added:
2024-07-29

Due Date:
2024-08-19

Vulnerability Name: Acronis Cyber Infrastructure (ACI) Insecure Default Password Vulnerability

Description: Acronis Cyber Infrastructure (ACI) allows an unauthenticated user to execute commands remotely due to the use of default passwords.

Known To Be Used in Ransomware Campaigns?: Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes: https://security-advisory.acronis.com/advisories/SEC-6452; https://nvd.nist.gov/vuln/detail/CVE-2023-45249

Related News Articles

Critical Flaw in Acronis Cyber Infrastructure Exploited in the WildJuly 30, 2024

Critical Acronis Cyber Infrastructure vulnerability exploited in the wild (CVE-2023-45249)July 29, 2024

Acronis warns of Cyber Infrastructure default password abused in attacksJuly 27, 2024

Free security scan for your website

Don't show website scan report rating on the leaderboard