CVE-2024-49382

Name of the Vulnerable Software and Affected Versions Acronis Cyber Protect 16 versions prior to build 38690

Description The archive-server service in Acronis Cyber Protect 16 has an excessive attack surface due to binding to an unrestricted IP address. This issue affects Acronis Cyber Protect 16 on both Linux and Windows platforms.

Recommendations For Acronis Cyber Protect 16 versions prior to build 38690, update to build 38690 or later to resolve the issue. As a temporary workaround, consider restricting access to the archive-server service to minimize the risk of exploitation.