Acronis Cybersecurity Flaw Actively Exploited: Urgent Patch Recommended

Acronis, a leading Swiss cybersecurity firm, is sounding the alarm for customers to install a critical patch released nine months prior. This call to action comes as the company confirms active exploitation of a severe vulnerability in their systems.

High-Risk Vulnerability Alert

The security loophole in question is identified as CVE-2023-45249 and is considered critical, with a 9.8 severity score. It allows threat actors to execute remote commands on affected servers by exploiting default passwords set by the system. The vulnerability poses a significant risk of unauthorized access and potential damage or data theft.

Versions at Risk

Acronis Cyber Infrastructure (ACI), the software impacted by this vulnerability, is utilized by over 20,000 service providers globally, safeguarding operations across 150 countries. Its purpose is to deliver secure and efficient resources for storage, computing, and networking tasks. The issue spans across multiple versions of ACI, making it imperative for users to ensure their systems are updated with the latest security measures.

The company emphatically reiterates the necessity of applying the patch, stating, "This update contains fixes for 1 critical severity security vulnerability and should be installed immediately by all users. This vulnerability is known to be exploited in the wild."

Customer Advisory

Acronis urges customers to consult their product support lifecycle for guidelines on security updates to maintain the integrity of their cybersecurity solutions.

In an era where cyber threats are ever-evolving, staying vigilant and proactive in applying software updates is not just recommended, it's essential for safeguarding digital assets.