<
p style=”text-align: justify;”>Cleo Communications’ file transfer software is under active attack, with security researchers from Huntress revealing that a recently issued patch fails to address the critical flaws being exploited. This ongoing vulnerability poses a significant threat to sectors relying on Cleo’s software for logistics and supply chain operations.
The Vulnerabilities: Autorun Directory and CVE-2024-50623
Hackers are leveraging two key vulnerabilities in Cleo’s software:
- A feature that automatically executes files in the autorun directory.
- An arbitrary file-write flaw identified as CVE-2024-50623.
On December 3, Huntress reported that Cleo’s LexiCom, VLTransfer, and Harmony software solutions are affected by these issues. Despite the company issuing a patch on the same day, Huntress stated that it “does not mitigate the software flaw.” This leaves users vulnerable until a new, effective patch is developed.
Cleo’s Response and Planned Mitigations
During a Zoom session with cybersecurity researchers, Cleo’s team acknowledged the flaws and committed to designing a second patch. Earlier in the week, Cleo identified an unauthenticated malicious host vulnerability that could lead to remote code execution, although its CVE identifier is still pending.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents