CVE-2023-45249
Acronis Cyber Infrastructure (ACI) Insecure Default Password Vulnerability
CVSS
—
No CVSS
EPSS
53.3%
p99
KEV
YES
Jul 29, 2024
Exploit Today
80
0-100
Published: — · Last modified: —
Product
Acronis / Cyber Infrastructure (ACI)
Vulnerability
Acronis Cyber Infrastructure (ACI) Insecure Default Password Vulnerability
Added to KEV
Jul 29, 2024
Remediate by
Aug 19, 2024
Known ransomware use
No
Summary description
Acronis Cyber Infrastructure (ACI) allows an unauthenticated user to execute commands remotely due to the use of default passwords.
Required action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Notes
https://security-advisory.acronis.com/advisories/SEC-6452; https://nvd.nist.gov/vuln/detail/CVE-2023-45249
No related CVEs by CWE or product.