On October 9, 2023, Acronis disclosed a vulnerability in its Acronis Agent for Linux, Mac, and Windows. This vulnerability may allow an unauthorized attacker to view and manipulate antivirus and antimalware protection plans applied to a specific agent. CVE-2023-45247 ID has been assigned to this vulnerability and classified as having high severity.
| Product Ranges | Product | Impacted | Mitigated | Patch Status |
|---|---|---|---|---|
IONOS and Acronis are in constant communication to gain a deeper understanding of this vulnerability and also ensure that:
There are no signs of active exploitation resulting from the vulnerability. For more information, see Acronis Cyber Protect Cloud Agent update C23.10.
The vulnerability does not allow unauthorized access to IONOS Cloud customers’ backup data. IONOS Cloud will publish the non-vulnerable versions of agents when Acronis shares the information, estimated to be by the end of November 2023.
If you have further questions or concerns about this vulnerability, contact IONOS Cloud Support.
Managed Services
Backup Service
No
Not applicable
Not applicable
Managed Services
Acronis Agent for Windows, Linux, and Mac
Yes
No
Will be available in late November