CVE-2023-45249

Name of the Vulnerable Software and Affected Versions: Acronis Cyber Infrastructure (ACI) versions prior to 5.0.1-61 Acronis Cyber Infrastructure (ACI) versions prior to 5.1.1-71 Acronis Cyber Infrastructure (ACI) versions prior to 5.2.1-69 Acronis Cyber Infrastructure (ACI) versions prior to 5.3.1-53 Acronis Cyber Infrastructure (ACI) versions prior to 5.4.4-132

Description: The issue is related to the use of default passwords in Acronis Cyber Infrastructure (ACI), allowing a remote attacker to execute arbitrary code. This can lead to remote command execution. The estimated number of potentially affected devices is not confirmed, but it is reported that there are probably quite a few large companies using ACI. The vulnerability has been exploited in the wild to install a cryptominer.

Recommendations: For versions prior to 5.0.1-61, update to a version after 5.0.1-61 to resolve the issue. For versions prior to 5.1.1-71, update to a version after 5.1.1-71 to resolve the issue. For versions prior to 5.2.1-69, update to a version after 5.2.1-69 to resolve the issue. For versions prior to 5.3.1-53, update to a version after 5.3.1-53 to resolve the issue. For versions prior to 5.4.4-132, update to a version after 5.4.4-132 to resolve the issue. As a temporary workaround, consider restricting access to the default password-protected areas until a patch is available.