An authentication bypass vulnerability in Acronis Cyber Infrastructure is being exploited in the wild. Tracked as CVE-2023-45249, the vulnerability has a critical severity rating and a CVSS score of 9.8. Successful exploitation may allow a remote, unauthenticated attacker to execute arbitrary code on vulnerable systems. An attacker may exploit the vulnerability by using the default credentials.
CISA acknowledged the active exploitation of CVE-2023-45249 by adding it to its Known Exploited Vulnerabilities Catalog and requesting users patch the flaw before August 19, 2024.
Acronis Cyber Infrastructure is a software-defined infrastructure solution that works with Acronis Cyber Backup and the Acronis Cyber Cloud suite of products. It can help to reduce the number of technologies needed in data centers and improve performance.
Affected Versions
- Acronis Cyber Infrastructure (ACI) before build 5.0.1-61
- Acronis Cyber Infrastructure (ACI) before build 5.1.1-71
- Acronis Cyber Infrastructure (ACI) before build 5.2.1-69
- Acronis Cyber Infrastructure (ACI) before build 5.3.1-53
- Acronis Cyber Infrastructure (ACI) before build 5.4.4-132
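The build comparison implied by this list can be scripted for inventory triage. The following is an added example, not code from Acronis or Qualys. It assumes that each listed build applies to its own major.minor release line and that installed builds are recorded as "major.minor.patch-build" strings; the host names and inventory are constructed.

```python
import re

# First patched build per release line, taken from the "Affected Versions"
# list. Keying by (major, minor) is an assumption about how the list applies.
PATCHED_BUILDS = {
    (5, 0): (5, 0, 1, 61),
    (5, 1): (5, 1, 1, 71),
    (5, 2): (5, 2, 1, 69),
    (5, 3): (5, 3, 1, 53),
    (5, 4): (5, 4, 4, 132),
}
_BUILD_RE = re.compile(r"^\s*(\d+)\.(\d+)\.(\d+)-(\d+)\s*$")


def parse_build(text):
    """Parse 'major.minor.patch-build' into a tuple of four ints."""
    m = _BUILD_RE.match(text)
    if not m:
        raise ValueError(f"unrecognised ACI build string: {text!r}")
    return tuple(int(part) for part in m.groups())


def classify(build_text):
    """Return 'affected', 'patched' or 'unknown' for one installed build."""
    build = parse_build(build_text)
    patched = PATCHED_BUILDS.get(build[:2])
    if patched is None:
        return "unknown"  # release line not named on the page: review by hand
    # Integer tuples compare numerically, so build 9 sorts before build 71.
    return "affected" if build < patched else "patched"


def triage(inventory):
    """Map {host: build string} to {host: status}; bad strings are 'unparsed'."""
    report = {}
    for host, build_text in inventory.items():
        try:
            report[host] = classify(build_text)
        except ValueError:
            report[host] = "unparsed"
    return report


if __name__ == "__main__":
    # Constructed inventory; host names are hypothetical.
    sample = {"aci-01": "5.4.4-132", "aci-02": "5.4.3-200",
              "aci-03": "5.1.1-9", "aci-04": "5.5.0-10", "aci-05": "n/a"}
    for host, status in triage(sample).items():
        print(f"{host}: {status}")
```

Hosts reported as "unknown" or "unparsed" need manual review against the vendor advisory instead of being treated as safe.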
Mitigation
The vendor released patches to address the vulnerability.
For more information about the mitigation, please refer to the Acronis Security Advisory.
Qualys Detection
Qualys customers can scan their devices with QID 380256 to detect vulnerable assets.
References
https://security-advisory.acronis.com/advisories/SEC-6452