CVE-2023-45249 - Acronis Cyber Infrastructure (ACI) Insecure Default Password Vulnerability
Project:Acronis
Product:Cyber Infrastructure (ACI)
Date Added:2024-07-29Due Date:2024-08-19
Vulnerability Name
Acronis Cyber Infrastructure (ACI) Insecure Default Password Vulnerability
Description
Acronis Cyber Infrastructure (ACI) allows an unauthenticated user to execute commands remotely due to the use of default passwords.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Additional Notes
https://security-advisory.acronis.com/advisories/SEC-6452
https://nvd.nist.gov/vuln/detail/CVE-2023-45249
Related News Articles
Critical Flaw in Acronis Cyber Infrastructure Exploited in the WildJuly 30, 2024
Critical Acronis Cyber Infrastructure vulnerability exploited in the wild (CVE-2023-45249)July 29, 2024
Acronis warns of Cyber Infrastructure default password abused in attacksJuly 27, 2024
