CVE-2023-45249

CRITICAL

CVSS v3

9.8

CRITICAL

EPSS Score

93.2%

exploit probability

CISA KEV

No

known exploited

Exploitation

SSVC status

Description

Remote command execution due to use of default passwords. The following products are affected: Acronis Cyber Infrastructure (ACI) before build 5.0.1-61, Acronis Cyber Infrastructure (ACI) before build 5.1.1-71, Acronis Cyber Infrastructure (ACI) before build 5.2.1-69, Acronis Cyber Infrastructure (ACI) before build 5.3.1-53, Acronis Cyber Infrastructure (ACI) before build 5.4.4-132.

Technical Details

Published
7/24/2024

Frequently Asked Questions

What is CVE-2023-45249?

Remote command execution due to use of default passwords. The following products are affected: Acronis Cyber Infrastructure (ACI) before build 5.0.1-61, Acronis Cyber Infrastructure (ACI) before build 5.1.1-71, Acronis Cyber Infrastructure (ACI) before build 5.2.1-69, Acronis Cyber Infrastructure (ACI) before build 5.3.1-53, Acronis Cyber Infrastructure (ACI) before build 5.4.4-132.

Is CVE-2023-45249 actively exploited?

Active exploitation of CVE-2023-45249 has not been confirmed. The EPSS score is 93.2%, indicating the estimated probability of exploitation in the next 30 days.

What is the CVSS score for CVE-2023-45249?

CVE-2023-45249 has a CVSS v3 base score of 9.8 (CRITICAL severity).

Is CVE-2023-45249 affecting your environment?

Use isMalicious to check if any of your IPs or domains are associated with this vulnerability's IOCs.