Acronis has issued a warning about a critical security flaw in its Cyber Infrastructure (ACI) platform that lets attackers bypass authentication using default credentials. The vulnerability, tracked as CVE-2023-45249, affects several ACI builds and allows remote code execution with no user interaction. Acronis identified and patched the flaw nine months ago; it affects builds below specific fixed build numbers across ACI update lines 5.0 through 5.4.
Because the weakness is a default password rather than a bug that needs a crafted exploit, an unauthenticated attacker who can reach the management interface of an unpatched server can log in and run commands on it. Acronis has confirmed that the issue is being actively exploited in the wild, which makes updating urgent. Administrators who find an exposed, unpatched build should assume it may already have been accessed and review its logs and accounts after patching rather than treating the update alone as a remediation.
To address the issue, Acronis has shipped fixes in ACI 5.0 update 1.4, 5.1 update 1.2, 5.2 update 1.3, 5.3 update 1.3, and 5.4 update 4.2. Users should check their build number in the product's Help -> About dialog and upgrade to the latest build for their update line, as described in Acronis's support and security update guidance.
Acronis's update instructions for ACI cover logging into the Acronis account, downloading the latest build, and installing it on the affected servers. The company stresses that keeping software current is the basic defence against exploitation of known vulnerabilities such as this one.
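Checking a handful of servers in Help -> About is fine; checking a fleet is not. The following is an added example, not Acronis's tooling or code from the original article, that turns the "is this build below the fixed build for its update line?" question into a small triage script. ACI reports builds as `major.minor.update-build` (for example `5.4.4-132`); the fixed-build table below is this editor's assumption, taken from the CVE record for CVE-2023-45249 as recalled, and must be verified against Acronis's own advisory before use. The inventory at the bottom is constructed sample data.

```python
import re

# Fixed builds for CVE-2023-45249, keyed by update line (major, minor).
# ASSUMPTION: these numbers are recalled from the CVE record, not from the
# article, which only names the update numbers (5.0 update 1.4, 5.1 update
# 1.2, ...). Verify them against Acronis's security advisory before relying
# on this table.
FIXED_BUILDS = {
    (5, 0): (5, 0, 1, 61),
    (5, 1): (5, 1, 1, 71),
    (5, 2): (5, 2, 1, 69),
    (5, 3): (5, 3, 1, 53),
    (5, 4): (5, 4, 4, 132),
}

# ACI build strings as shown in Help -> About: major.minor.update-build
_BUILD_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)-(\d+)$")


def parse_build(version: str) -> tuple:
    """Turn '5.4.4-132' into (5, 4, 4, 132) so builds compare as tuples."""
    m = _BUILD_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised ACI build string: {version!r}")
    return tuple(int(x) for x in m.groups())


def assess(version: str) -> str:
    """Return 'patched', 'vulnerable' or 'unknown' for one ACI build string.

    A build is patched when it is at or above the fixed build of its own
    update line. Lines older than any in the table are out of support and
    are treated as vulnerable; lines newer than the table are outside the
    advisory's scope and are reported as unknown for manual review.
    """
    build = parse_build(version)
    line = build[:2]
    fixed = FIXED_BUILDS.get(line)
    if fixed is None:
        return "unknown" if line > max(FIXED_BUILDS) else "vulnerable"
    return "patched" if build >= fixed else "vulnerable"


def triage(inventory: dict) -> dict:
    """Map each host to its status; malformed build strings become 'unparseable'."""
    result = {}
    for host, version in inventory.items():
        try:
            result[host] = assess(version)
        except ValueError:
            result[host] = "unparseable"
    return result


def hosts_needing_action(inventory: dict) -> list:
    """Hosts that must be patched or looked at by hand, sorted for reporting."""
    statuses = triage(inventory)
    return sorted(h for h, s in statuses.items() if s != "patched")


# Constructed sample inventory (hostnames and builds are made up).
SAMPLE_INVENTORY = {
    "aci-prod-01": "5.4.4-132",   # exactly the fixed build: patched
    "aci-prod-02": "5.4.4-131",   # one build short: vulnerable
    "aci-prod-03": "5.3.0-40",    # earlier update on the 5.3 line: vulnerable
    "aci-lab-01": "5.1.1-71",     # fixed build on the 5.1 line: patched
    "aci-legacy-01": "4.7.0-100", # unsupported line: vulnerable
    "aci-new-01": "5.5.0-10",     # newer than the table: unknown
    "aci-bad-entry": "5.4",       # CMDB junk: unparseable
}

if __name__ == "__main__":
    for host, status in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{host:15} {status}")
```

Running the script prints one line per host; anything other than `patched` goes into the work queue. The `unknown` and `unparseable` outcomes are kept distinct from `vulnerable` on purpose: a newer line is not covered by this advisory and should be checked against Acronis's current guidance, while a malformed inventory entry usually means the CMDB is wrong, which is its own finding.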