PT-2024-10294 · Cleo · Cleo Harmony +2

Published 2024-10-27 · Updated 2025-10-02 · CVE-2024-50623

CVSS v2.0: 10 (Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Name of the Vulnerable Software and Affected Versions:
Cleo Harmony versions prior to 5.8.0.21
Cleo VLTrader versions prior to 5.8.0.21
Cleo LexiCom versions prior to 5.8.0.21
Description: A critical vulnerability in Cleo's file transfer software is being actively exploited to achieve unauthenticated remote code execution. The root cause is an unrestricted file upload and download issue, which an attacker can leverage to execute code on the server. The affected products are Cleo Harmony, VLTrader, and LexiCom. The vulnerability has been exploited in the wild, and over 4,200 organizations are potentially at risk. The Clop ransomware gang has been exploiting this vulnerability to gain access to sensitive data.
Recommendations:
For Cleo Harmony versions prior to 5.8.0.21: update to version 5.8.0.21 or later as soon as possible.
For Cleo VLTrader versions prior to 5.8.0.21: update to version 5.8.0.21 or later as soon as possible.
For Cleo LexiCom versions prior to 5.8.0.21: update to version 5.8.0.21 or later as soon as possible.
Additionally, consider disabling the "autorun" feature and monitoring for malicious files to prevent exploitation.

Tags: Exploit · Fix · RCE · Unrestricted File Upload · XSS

Weakness Enumeration: none listed

Related Identifiers: BDU:2025-00709, CVE-2024-50623

Affected Products: Cleo Harmony, Cleo LexiCom, Cleo VLTrader