U.S. CISA adds Cleo Harmony, VLTrader, and LexiCom flaw to its Known Exploited Vulnerabilities catalog

Share:

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cleo Harmony, VLTrader, and LexiCom flaw to its Known Exploited Vulnerabilities catalog.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerability CVE-2024-50623 (CVSS score 8.8), which impacts multiple Cleo products to its Known Exploited Vulnerabilities (KEV) catalog.

“Cleo has identified an unrestricted file upload and download vulnerability (CVE-2024-50623) that could lead to remote code execution.” reads the advisory. “Cleo strongly advises all customers to immediately upgrade instances of Harmony, VLTrader, and LexiCom to the latest released patch (version 5.8.0.21) to address additional discovered potential attack vectors of the vulnerability. ”

The vulnerability affects the following products LexiCom before version 5.8.0.21, Harmony prior to version 5.8.0.21, and VLTrader prior to version 5.8.0.21.

On December 9, reports of active exploitation targeting Cleo file transfer software began circulating among cybersecurity community. Security firm Huntress publicly disclosed ongoing exploitation involving three different Cleo products.

“On December 3, Huntress identified an emerging threat involving Cleo’s LexiCom, VLTransfer, and Harmony software, commonly used to manage file transfers.” reads the post published by Huntress. “We’ve directly observed evidence of threat actors exploiting this software en masse and performing post-exploitation activity.”

Huntress researchers created a proof of concept and learned the patch does not mitigate the software flaw. The experts warned that fully patched systems running 5.8.0.21 are still exploitable.

Caleb Stewart, a Principal Security Researcher, developed a Python script exploiting an arbitrary file-write vulnerability. This script successfully placed files in the autoruns subdirectory, demonstrating the execution capability. The method was tested against both LexiCom and VLTrader software, with versions 5.8.0.0 and the patched 5.8.0.21, confirming the exploit’s effectiveness.

Caleb Stewart, a Principal Security Researcher, developed a Python script exploiting an arbitrary file-write vulnerability. This script successfully placed files in the autoruns subdirectory, demonstrating the execution capability. The researchers tested the PoC against both LexiCom and VLTrader software, with versions 5.8.0.0 and the patched 5.8.0.21, confirming the exploit’s effectiveness.

Huntress researchers published Indicators of Compromise (IOCs) for attacks exploiting this vulnerability.

According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, FCEB agencies have to address the identified vulnerabilities by the due date to protect their networks against attacks exploiting the flaws in the catalog.

Experts also recommend private organizations review the Catalog and address the vulnerabilities in their infrastructure.

CISA orders federal agencies to fix this vulnerability by January 3, 2025.

Source

Leave a Comment

Your email address will not be published. Required fields are marked *

loader-image
London, GB
4:54 am, Apr 2, 2025
weather icon 7°C
L: 5° | H: 8°
clear sky
Humidity: 79 %
Pressure: 1023 mb
Wind: 4 mph E
Wind Gust: 7 mph
UV Index: 0
Precipitation: 0 mm
Clouds: 0%
Rain Chance: 0%
Visibility: 10 km
Sunrise: 6:33 am
Sunset: 7:34 pm
DailyHourly
Daily ForecastHourly Forecast
Today 10:00 pm
weather icon
5° | 8°°C 0 mm 0% 15 mph 78 % 1023 mb 0 mm/h
Tomorrow 10:00 pm
weather icon
9° | 16°°C 0 mm 0% 11 mph 85 % 1022 mb 0 mm/h
Fri Apr 04 10:00 pm
weather icon
10° | 18°°C 0 mm 0% 14 mph 85 % 1022 mb 0 mm/h
Sat Apr 05 10:00 pm
weather icon
7° | 17°°C 0 mm 0% 12 mph 76 % 1022 mb 0 mm/h
Sun Apr 06 10:00 pm
weather icon
7° | 14°°C 0 mm 0% 11 mph 76 % 1025 mb 0 mm/h
Today 7:00 am
weather icon
7° | 7°°C 0 mm 0% 10 mph 78 % 1023 mb 0 mm/h
Today 10:00 am
weather icon
11° | 12°°C 0 mm 0% 14 mph 65 % 1023 mb 0 mm/h
Today 1:00 pm
weather icon
15° | 15°°C 0 mm 0% 15 mph 49 % 1022 mb 0 mm/h
Today 4:00 pm
weather icon
15° | 15°°C 0 mm 0% 15 mph 56 % 1021 mb 0 mm/h
Today 7:00 pm
weather icon
13° | 13°°C 0 mm 0% 12 mph 61 % 1021 mb 0 mm/h
Today 10:00 pm
weather icon
10° | 10°°C 0 mm 0% 10 mph 69 % 1021 mb 0 mm/h
Tomorrow 1:00 am
weather icon
10° | 10°°C 0 mm 0% 10 mph 76 % 1021 mb 0 mm/h
Tomorrow 4:00 am
weather icon
9° | 9°°C 0 mm 0% 9 mph 80 % 1020 mb 0 mm/h
Name Price24H (%)
Bitcoin(BTC)
€78,332.99
1.95%
Ethereum(ETH)
€1,739.32
2.41%
Tether(USDT)
€0.93
0.02%
XRP(XRP)
€1.94
0.31%
Solana(SOL)
€115.30
-1.06%
USDC(USDC)
€0.93
0.00%
Dogecoin(DOGE)
€0.158813
1.82%
Shiba Inu(SHIB)
€0.000011
-1.89%
Pepe(PEPE)
€0.000007
3.55%
Scroll to Top