CA has released a Security Notice and software patches to address a vulnerability in ACRserve Backup. This vulnerability is due to insufficient verification of client data. Exploitation of this vulnerability may allow a remote attacker to execute arbitrary code or crash the LDBserver service.

US-CERT encourages users to review the CA Security Notice and apply the appropriate patch to help mitigate the risks.

Read more: US-CERT Current Activity