DE
DE EN
DE
DE EN
Kontakt
Anmeldung
Themen
Finanzen & Versicherung
Handel
Industrie
IT & Beratung
Tourismus
Transport
Recht
Öffentlich

Acronis warns of Cyber Infrastructure default password abused in attacks

0
Teilen:

​Acronis warned customers to patch a critical Cyber Infrastructure security flaw that lets attackers bypass authentication on vulnerable servers using default credentials.

Acronis Cyber Infrastructure (ACI) is a unified multi-tenant platform for cyber protection that combines remote endpoint management, backup, and virtualization capabilities. It’s also designed to run disaster recovery workloads and store enterprise backup data securely.

Unauthenticated attackers can exploit the vulnerability (tracked as CVE-2023-45249) in low-complexity attacks that don’t require user interaction to gain remote code execution on unpatched ACI servers.

The CVE-2023-45249 flaw was patched nine months ago and impacts multiple products, including:

  • Acronis Cyber Infrastructure (ACI) before build 5.0.1-61 (patched in ACI 5.0 update 1.4),
  • Acronis Cyber Infrastructure (ACI) before build 5.1.1-71 (patched in ACI 5.1 update 1.2),
  • Acronis Cyber Infrastructure (ACI) before build 5.2.1-69 (patched in ACI 5.2 update 1.3),
  • Acronis Cyber Infrastructure (ACI) before build 5.3.1-53 (patched in ACI 5.3 update 1.3),
  • Acronis Cyber Infrastructure (ACI) before build 5.4.4-132 (patched in ACI 5.4 update 4.2).

Earlier this week, the company confirmed in a new security advisory that the bug has been exploited in attacks and warned admins to patch their installation as soon as possible.

“This update contains fixes for 1 critical severity security vulnerability and should be installed immediately by all users. This vulnerability is known to be exploited in the wild,” Acronis said.

“Keeping the software up to date is important to maintain the security of your Acronis products. For guidelines on the availability of support and security updates, see Acronis products support lifecycle.”

To check if your servers are vulnerable, you can find Acronis Cyber Infrastructure’s build number by going into the Help -> About dialog box from the software’s main window.

To update ACI to the latest available build, you have to:

  1. Log in to your account (you can create one and register your licenses using these instructions).
  2. Download the latest ACI build in the “Products” section and install it on vulnerable servers.

Acronis shared the following statement about the flaw with BleepingComputer.

“CVE-2023-45249 pertains to remote command execution vulnerability due to the use of default passwords. The Acronis security team has conducted a thorough analysis and assessed the critical risk level.

We have already implemented a patch to address this issue; the patch has been released and deployed. We have advised customers to upgrade to the latest version of Acronis Cyber Infrastructure (ACI) in order to fix the vulnerability.

The patch and fix were made available 9 months ago when the vulnerability was first detected. Customers should follow patch protocols posted here: https://security-advisory.acronis.com/advisories/SEC-6452.”

Kommentar verfassen

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert

lade-bild
London, GB
11:43 am, Juni 20, 2025
Wetter-Symbol 26°C
L: 25° | H: 27°
overcast clouds
Luftfeuchtigkeit: 54 %
Druck: 1023 mb
Wind: 5 mph E
Windböe: 8 mph
UV-Index: 0
Niederschlag: 0 mm
Wolken: 100%
Regen Chance: 0%
Sichtbarkeit: 10 km
Sonnenaufgang: 4:42 am
Sonnenuntergang: 9:21 pm
TäglichStündlich
Tägliche VorhersageStündliche Vorhersage
Today 10:00 pm
Wetter-Symbol
25° | 27°°C 0 mm 0% 11 mph 56 % 1023 mb 0 mm/h
Tomorrow 10:00 pm
Wetter-Symbol
18° | 32°°C 0.43 mm 43% 11 mph 62 % 1020 mb 0 mm/h
So. Juni 22 10:00 pm
Wetter-Symbol
17° | 26°°C 0.86 mm 86% 15 mph 87 % 1014 mb 0 mm/h
Mo. Juni 23 10:00 pm
Wetter-Symbol
14° | 23°°C 0.2 mm 20% 14 mph 80 % 1017 mb 0 mm/h
Di. Juni 24 10:00 pm
Wetter-Symbol
14° | 25°°C 0 mm 0% 16 mph 76 % 1017 mb 0 mm/h
Today 1:00 pm
Wetter-Symbol
26° | 26°°C 0 mm 0% 9 mph 54 % 1023 mb 0 mm/h
Today 4:00 pm
Wetter-Symbol
26° | 26°°C 0 mm 0% 11 mph 48 % 1023 mb 0 mm/h
Today 7:00 pm
Wetter-Symbol
22° | 23°°C 0 mm 0% 11 mph 46 % 1022 mb 0 mm/h
Today 10:00 pm
Wetter-Symbol
20° | 20°°C 0 mm 0% 8 mph 56 % 1022 mb 0 mm/h
Tomorrow 1:00 am
Wetter-Symbol
18° | 18°°C 0 mm 0% 5 mph 62 % 1020 mb 0 mm/h
Tomorrow 4:00 am
Wetter-Symbol
18° | 18°°C 0 mm 0% 5 mph 60 % 1019 mb 0 mm/h
Tomorrow 7:00 am
Wetter-Symbol
21° | 21°°C 0 mm 0% 6 mph 54 % 1019 mb 0 mm/h
Tomorrow 10:00 am
Wetter-Symbol
28° | 28°°C 0 mm 0% 9 mph 34 % 1018 mb 0 mm/h
Wetter von OpenWeatherMap
Name Preis24H (%)
Bitcoin(BTC)
€92,212.21
0.95%
Ethereum(ETH)
€2,221.05
0.48%
Fesseln(USDT)
€0.87
-0.01%
XRP(XRP)
€1.89
0.29%
Solana(SOL)
€128.91
1.33%
USDC(USDC)
€0.87
0.01%
Dogecoin(DOGE)
€0.148233
0.00%
Shiba Inu(SHIB)
€0.000010
0.82%
Pepe(PEPE)
€0.000009
-0.72%
Risikomonitor
Erkennen und überwachen Sie IT-Schwachstellen mit nur einem Klick, bevor es zu spät ist.

Verbindung zum Dienstprogramm

Nützlicher Link

Newsletter

Folgen Sie uns

Facebook Twitter Youtube Linkedin

© 2025 risikomonitor.com gmbh

Nach oben scrollen