Swiss cybersecurity experts Acronis are urging its customers to install a patch released nine months ago, as it fixes a flaw that is now being actively exploited.
The vulnerability is described as a flaw that allows “remote command execution using default passwords” and, as the name suggests, allows attackers to remotely authenticate and execute malicious code on vulnerable servers.
The bug is tracked as CVE-2023-45249 and has a severity score of 9.8 (critical) according to the NVD.
Multiple versions affected
It was found in Acronis Cyber Infrastructure (ACI), a software-defined infrastructure solution designed to provide secure and efficient storage, compute, and networking resources. It integrates with Acronis Cyber Protection solutions, providing a comprehensive approach to data protection and disaster recovery.
The platform supports diverse workloads and is optimized for performance, reliability, and ease of management. The company claims that more than 20,000 service providers use ACI, protecting more than 750,000 organizations in 150 countries.
The flaw was found in multiple versions of ACI, including builds prior to 5.0. 1-61 (patched in ACI 5.0 update 1.4), 5.1. 1-71 (patched in ACI 5.1 update 1.2), 5.2. 1-69 (patched in ACI 5.2 update 1.3), 5.3. 1-53 (patched in ACI 5.3 update 1.3), and 5.4. 4-132 (patched in ACI 5.4 update 4.2). In a security advisory published last week, the company confirmed that the bug is being exploited in the wild:
“This update contains fixes for 1 critical security vulnerability and should be installed immediately by all users. This vulnerability is known to be exploited in the wild,” Acronis said.
“Keeping your software up to date is important to maintain the security of your Acronis products. For guidance on support availability and security updates, see Acronis Product Support Lifecycle.”
Through BleepingComputer