Remote command execution due to use of default passwords. The following products are affected: Acronis Cyber Infrastructure (ACI) before build 5.0.1-61, Acronis Cyber Infrastructure (ACI) before build 5.1.1-71, Acronis Cyber Infrastructure (ACI) before build 5.2.1-69, Acronis Cyber Infrastructure (ACI) before build 5.3.1-53, Acronis Cyber Infrastructure (ACI) before build 5.4.4-132.
The vulnerability results from the presence of default passwords (CWE-1393) in the Acronis Cyber Infrastructure product. An unauthenticated attacker operating over the network can exploit these default credentials to gain access to the system. After authentication, it is possible to remotely execute arbitrary commands on the vulnerable device. The lack of user interaction requirement and special privileges makes the attack exceptionally easy to carry out.
An attacker can take full control of the system β gain access to sensitive data, modify data or system configuration, and disrupt its availability (complete breach of confidentiality, integrity, and availability).
Acronis Cyber Infrastructure must be immediately updated to versions containing the patch: build 5.0.1-61, 5.1.1-71, 5.2.1-69, 5.3.1-53, or 5.4.4-132 (respectively for your branch). Detailed information is available in the vendor's advisory at security-advisory.acronis.com/advisories/SEC-6452. Additionally, ensure that default passwords have been changed to unique and strong values.
Acronis Cyber Infrastructure (ACI) in all versions before build 5.0.1-61, before build 5.1.1-71, before build 5.2.1-69, before build 5.3.1-53, and before build 5.4.4-132.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HAcronis Cyber Infrastructure
APPAcronis< 5.0.1-615.1.1 β 5.1.1-71 (bez)5.2.1 β 5.2.1-69 (bez)5.3.1 β 5.3.1-53 (bez)5.4.4 β 5.4.4-132 (bez)
CISA KEV β detailsi
- Vendori
- Acronis
- Producti
- Cyber Infrastructure (ACI)
- Added to KEVi
- July 29, 2024
- Remediation deadline (US Federal)i
- August 19, 2024(overdue)
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Acronis Cyber Infrastructure (ACI) allows an unauthenticated user to execute commands remotely due to the use of default passwords.
Related vulnerabilities
Sensitive information disclosure due to CORS misconfiguration. The following products are affected: Acronis Cy...
Sensitive information disclosure due to improper authorization. The following products are affected: Acronis C...
Ujawnienie danych i manipulacja przez nieprawidΕowe uwierzytelnianie w Acronis Cyber Protect 17
Acronis Cyber Protect β ujawnienie i manipulacja danych przez bΕΔ d uwierzytelniania
Acronis Cyber Protect β krytyczna luka uwierzytelnienia (CVSS 10.0)