Security News > 2024 > July > Acronis warns of Cyber Infrastructure default password abused in attacks

Acronis warns of Cyber Infrastructure default password abused in attacks
2024-07-26 16:39

Acronis warned customers to patch a critical Cyber Infrastructure security flaw that lets attackers bypass authentication on vulnerable servers using default credentials.

Acronis Cyber Protect is a unified multi-tenant platform that combines remote endpoint management, backup, and virtualization capabilities and helps run disaster recovery workloads and store enterprise backup data securely.

Unauthenticated attackers can exploit the vulnerability in low-complexity attacks that don't require user interaction to gain remote code execution on unpatched ACI servers.

"Keeping the software up to date is important to maintain the security of your Acronis products. For guidelines on the availability of support and security updates, see Acronis products support lifecycle."

To check if your servers are vulnerable, you can find Acronis Cyber Protect's build number by going into the Help -> About dialog box from the software's main window.

Progress warns of critical RCE bug in Telerik Report Server.


News URL

https://www.bleepingcomputer.com/news/security/acronis-warns-of-cyber-infrastructure-default-password-abused-in-attacks/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Acronis 14 0 39 83 7 129