The vulnerability, tracked as CVE-2024-50623, pertains to unauthenticated remote code execution in Cleo's LexiCom, VLTransfer, and Harmony software, allowing threat actors to exploit the systems.
Despite the patches released for CVE-2024-50623, Huntress indicated that these do not fully eliminate the original software flaw, putting users at ongoing risk.
Cleo's advisory highlighted an additional vulnerability concerning unauthorized hosts that too could lead to remote code execution, amplifying concerns about the security of their software.
The attacks exploit a flaw allowing files in the 'autorun' directory to execute PowerShell commands, showcasing a significant threat to at least 10 businesses.
Collection
[
|
...
]