One Article Review
| Source |  CybeReason |
|---|---|
| Identifiant | 8626734 |
| Date de publication | 2024-12-17 18:18:17 (vue: 2024-12-17 21:08:04) |
| Titre | CVE-2024-55956: Zero-Day Vulnerability in Cleo Software Could Lead to Data Theft |
| Texte |
Key Takeaways
Zero-day vulnerability was discovered in 3 Cleo products, tracked as CVE-2024-55956
Cleo is the developer of various managed file transfer platforms with approximately 4,000 customers, mostly mid-sized organizations
CVE-2024-55956 could allow unauthenticated users to import and execute arbitrary Bash or PowerShell commands on host systems by leveraging default settings of the Autorun directory
Threat actor group, CL0P, has claimed responsibility for vulnerability exploitation with the goal of data theft
We recommend upgrading to version 5.8.0.24 immediately
|
| Notes | ★★ |
| Envoyé | Oui |
| Condensat | 000 2024 55956 55956: |
| Tags | Vulnerability Threat |
| Stories | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.