dark
Hand-Picked Top-Read Stories
Trending Tags
1 minute read

Critical Flaw in Acronis Cyber Infrastructure Exploited in the Wild

Avatar
info@thehackernews.com (The Hacker News)
July 29, 2024
Cybersecurity company Acronis is warning that a now-patched critical security flaw impacting its Cyber Infrastructure (ACI) product has been exploited in the wild. The vulnerability, tracked as CVE-2023-45249 (CVSS score: 9.8), concerns a case of remote code execution that stems from the use of default passwords. The flaw impacts the following versions of Acronis Cyber Infrastructure (ACI) – &
Total
0
Shares
0
0
0
[[{“value”:”

Cybersecurity company Acronis is warning that a now-patched critical security flaw impacting its Cyber Infrastructure (ACI) product has been exploited in the wild.

The vulnerability, tracked as CVE-2023-45249 (CVSS score: 9.8), concerns a case of remote code execution that stems from the use of default passwords.

The flaw impacts the following versions of Acronis Cyber Infrastructure (ACI) –

< build 5.0.1-61
< build 5.1.1-71
< build 5.2.1-69
< build 5.3.1-53, and
< build 5.4.4-132

It has been addressed in versions 5.4 update 4.2, 5.2 update 1.3, 5.3 update 1.3, 5.0 update 1.4, and 5.1 update 1.2 released in late October 2023.

There are currently no details on how the vulnerability is being weaponized in real-world cyber attacks and the identity of the threat actors that may be exploiting it.

However, the Swiss-headquartered company acknowledged reports of active exploitation in an updated advisory last week. “This vulnerability is known to be exploited in the wild,” it said.

Users of affected versions of ACI are recommended to update to the latest version to mitigate potential threats.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

“}]] The Hacker News 

Total
0
Shares
Share 0
Tweet 0
Share 0
Share 0
Share 0
Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

Proofpoint Email Routing Flaw Exploited to Send Millions of Spoofed Phishing Emails

July 29, 2024
Next Post

State Department: UN cybercrime treaty must include human rights protections

July 30, 2024
Related Posts
2 min

Palo Alto Networks Patches Critical Flaw in Expedition Migration Tool

Palo Alto Networks has released security updates to address five security flaws impacting its products, including a critical bug that could lead to an authentication bypass. Cataloged as CVE-2024-5910 (CVSS score: 9.3), the vulnerability has been described as a case of missing authentication in its Expedition migration tool that could lead to an admin account takeover. "Missing authentication
Avatar
info@thehackernews.com (The Hacker News)
July 11, 2024
Read More
1 min

CISO Brisbane

[[{“value”:” August 27, 2024Location: Hilton Brisbane, Australiawebsite: https://ciso-bris.coriniumintelligence.com/ Join us for CISO Brisbane on the 27 August at…
Avatar
July 24, 2024
Read More