Organizations have been warned by Acronis regarding ongoing intrusions leveraging an already patched critical security issue to stealthily infiltrate its unified multi-tenant endpoint management, virtualization, and backup platform Acronis Cyber Protect with default credentials, according to BleepingComputer.
Threat actors exploiting the flaw, tracked as CVE-2023-45249, could facilitate remote code execution without any authentication or user interaction in Acronis Cyber Protect instances before builds 5.0.1-61, 5.1.1-71, 5.2.1-69, 5.3.1-53, and 5.4.4-132, noted Acronis in an alert last week, which called for the immediate implementation of updates that were issued nine months ago. Moreover, vulnerable instances could be verified by looking for their implementations' build number via the "About" dialog box within the main window's "Help" section. "Keeping the software up to date is important to maintain the security of your Acronis products. For guidelines on the availability of support and security updates, see Acronis products support lifecycle," Acronis said.
