Comment on page
Advisory on CVE-2023-45247
On October 9, 2023, Acronis disclosed a vulnerability in its Acronis Agent for Linux, Mac, and Windows. This vulnerability may allow an unauthorized attacker to view and manipulate antivirus and antimalware protection plans applied to a specific agent. CVE-2023-45247 ID has been assigned to this vulnerability and classified as having high severity.
Product Ranges | Product | Impacted | Mitigated | Patch Status |
---|---|---|---|---|
Managed Services | Managed Backup | No | Not applicable | Not applicable |
Managed Services | Acronis Agent for Windows, Linux, and Mac | Yes | No | Will be available in late November |
IONOS and Acronis are in constant communication to gain a deeper understanding of this vulnerability and also ensure that:
- There are no signs of active exploitation resulting from the vulnerability. For more information, see Acronis Cyber Protect Cloud Agent update C23.10.
- The vulnerability does not allow unauthorized access to IONOS Cloud customers’ backup data. IONOS Cloud will publish the non-vulnerable versions of agents when Acronis shares the information, estimated to be by the end of November 2023.
Last modified 1mo ago