Acronis Urges Users to Patch 9-Month-Old Security Flaw Being Exploited in the Wild

Swiss cybersecurity experts Acronis are urging users to patch a nine-month-old vulnerability in Acronis Cyber Infrastructure (ACI) that’s now actively being abused. The flaw, CVE-2023-45249, allows remote command execution via default passwords and carries a critical severity score of 9.8. Don’t let your servers become the wild west—update now!

3P
Published: July 29, 2024 3:17 pmAdded: July 29, 2024 at 8:51 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Someone give Acronis a calendar! They’re urging customers to patch a flaw they discovered nine months ago. That’s like warning someone about wet paint after they’ve already sat on the bench!

Key Points:

  • Acronis is urging customers to apply a patch issued nine months ago.
  • The vulnerability, CVE-2023-45249, allows remote command execution due to default passwords.
  • The flaw has a severity score of 9.8 (critical) according to the NVD.
  • Multiple versions of Acronis Cyber Infrastructure (ACI) are affected.
  • Over 20,000 service providers using ACI are at risk, protecting more than 750,000 organizations in 150 countries.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?