Acronis Backup Plugins Hit by CVE-2024-8767: CVSS 9.9 Severity Alert

Summary: Acronis has disclosed a critical security vulnerability (CVE-2024-8767) in its backup plugins for server management platforms, posing significant risks to users due to improper permission settings. Despite issuing patches over a year ago, many systems remain unpatched, making them vulnerable to severe data breaches and unauthorized operations.

Threat Actor: Unknown
Victim: Acronis users

Key Points:

  • The vulnerability has a CVSSv3.0 base score of 9.9, classifying it as Critical.
  • It affects the Linux-based Acronis Backup plugin for widely used platforms like cPanel, Plesk, and DirectAdmin.
  • Unpatched installations could be prime targets for attackers, risking severe data breaches or manipulation.
  • Acronis has previously issued patches, but many systems remain unprotected.
  • In July 2024, Acronis warned of another critical vulnerability (CVE-2023-45249) that allows remote code execution on unpatched servers.

In a recent advisory published on September 16th, data protection powerhouse Acronis disclosed a critical security vulnerability in its popular backup plugins for server management platforms like cPanel, Plesk, and DirectAdmin. The vulnerability, identified as CVE-2024-8767, poses a serious risk to users, with a severity score of 9.9 on the Common Vulnerability Scoring System (CVSSv3.0)—classifying it as Critical.

The vulnerability affects the Linux-based Acronis Backup plugin for cPanel & WHM, Plesk, and DirectAdmin, which administrators widely use to automate server and website backups. According to Acronis, the flaw stems from improper permission settings within the plugins, which could lead to the leakage of sensitive information and allow unauthorized operations on affected servers. Without the updates, servers running these plugins remain exposed to severe data breaches or data manipulation.

Although Acronis issued patches for the CVE-2024-8767 flaw over a year ago—DirectAdmin version 1.2.0 in May 2023, and cPanel & WHM version 1.8.0 and Plesk version 1.8.0 in June 2023—the company’s latest advisory signals concern that many systems remain unpatched. Unprotected installations could be prime targets for attackers, particularly given the high-impact nature of the vulnerability.

In July 2024, Acronis issued a critical security alert urging customers to address a vulnerability in its Cyber Infrastructure product. This flaw, tracked as CVE-2023-45249, enables attackers to bypass authentication using default credentials and gain remote code execution on unpatched servers. The company confirmed active exploitation of this vulnerability and emphasized the urgent need for administrators to apply the necessary patches.

Source: https://securityonline.info/acronis-backup-plugins-hit-by-cve-2024-8767-cvss-9-9-severity-alert