CRITICAL🚩 CISA KEV⚑ EXPLOITβœ“ PATCHπŸ‡΅πŸ‡± Wersja polska

CVE-2023-45249

CVSS 9.8v3.1pub. 2024-07-24upd. 2025-10-22

Remote command execution due to use of default passwords. The following products are affected: Acronis Cyber Infrastructure (ACI) before build 5.0.1-61, Acronis Cyber Infrastructure (ACI) before build 5.1.1-71, Acronis Cyber Infrastructure (ACI) before build 5.2.1-69, Acronis Cyber Infrastructure (ACI) before build 5.3.1-53, Acronis Cyber Infrastructure (ACI) before build 5.4.4-132.

πŸ€– AI Analysis
How it works

The vulnerability results from the presence of default passwords (CWE-1393) in the Acronis Cyber Infrastructure product. An unauthenticated attacker operating over the network can exploit these default credentials to gain access to the system. After authentication, it is possible to remotely execute arbitrary commands on the vulnerable device. The lack of user interaction requirement and special privileges makes the attack exceptionally easy to carry out.

Impact

An attacker can take full control of the system β€” gain access to sensitive data, modify data or system configuration, and disrupt its availability (complete breach of confidentiality, integrity, and availability).

Mitigation & patch

Acronis Cyber Infrastructure must be immediately updated to versions containing the patch: build 5.0.1-61, 5.1.1-71, 5.2.1-69, 5.3.1-53, or 5.4.4-132 (respectively for your branch). Detailed information is available in the vendor's advisory at security-advisory.acronis.com/advisories/SEC-6452. Additionally, ensure that default passwords have been changed to unique and strong values.

Who is affected

Acronis Cyber Infrastructure (ACI) in all versions before build 5.0.1-61, before build 5.1.1-71, before build 5.2.1-69, before build 5.3.1-53, and before build 5.4.4-132.

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Acronis Cyber Infrastructure

    APP
    Acronis
    < 5.0.1-615.1.1 – 5.1.1-71 (bez)5.2.1 – 5.2.1-69 (bez)5.3.1 – 5.3.1-53 (bez)5.4.4 – 5.4.4-132 (bez)

CISA KEV β€” detailsi

Vendori
Acronis
Producti
Cyber Infrastructure (ACI)
Added to KEVi
July 29, 2024
Remediation deadline (US Federal)i
August 19, 2024(overdue)
Required action (CISA)i

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

CISA descriptioni

Acronis Cyber Infrastructure (ACI) allows an unauthenticated user to execute commands remotely due to the use of default passwords.

πŸ”΄
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
⏰CISA DEADLINE: 19 sierpnia 2024
CWE
References

Related vulnerabilities

CVE-2023-2360HIGH7.5ten sam produkt

Sensitive information disclosure due to CORS misconfiguration. The following products are affected: Acronis Cy...

CVE-2023-2782MEDIUM5.5ten sam produkt

Sensitive information disclosure due to improper authorization. The following products are affected: Acronis C...

CVE-2026-28710CRITICAL9.8PL βœ“ten sam vendor

Ujawnienie danych i manipulacja przez nieprawidΕ‚owe uwierzytelnianie w Acronis Cyber Protect 17

CVE-2025-30412CRITICAL10.0PL βœ“ten sam vendor

Acronis Cyber Protect β€” ujawnienie i manipulacja danych przez bΕ‚Δ…d uwierzytelniania

CVE-2025-30411CRITICAL10.0PL βœ“ten sam vendor

Acronis Cyber Protect β€” krytyczna luka uwierzytelnienia (CVSS 10.0)

CVE-2023-45249 β€” Acronis β€” Cyber Infrastructure β€” CRITICAL β€” CVSS 9.8 | CVEbaza.pl