- Description
- In Cleo Harmony before 5.8.0.24, VLTrader before 5.8.0.24, and LexiCom before 5.8.0.24, an unauthenticated user can import and execute arbitrary Bash or PowerShell commands on the host system by leveraging the default settings of the Autorun directory.
- Source
- cve@mitre.org
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
Data from CISA
- Vulnerability name
- Cleo Multiple Products Unauthenticated File Upload Vulnerability
- Exploit added on
- Dec 17, 2024
- Exploit action due
- Jan 7, 2025
- Required action
- Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-276
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
- 5
#threatreport #LowCompleteness Cleo File Transfer Vulnerabilities (CVE-2024-50623, CVE-2024-55956) - Cl0P's Latest Attack Vector | 16-12-2024 Source: https://t.co/DxVI7lFxpC Key details below ↓ 💀Threats: Clop, Termite, Supply_chain_technique, Malichus, 🎯Victims: Blue yonder…
@rst_cloud
17 Dec 2024
68 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Latest Known Exploited Vulnerabilities (#KEV) : #CVE-2024-55956 #Cleo Multiple Products Unauthenticated File Upload Vulnerability https://t.co/Nuie3VC6Ix
@ScyScan
17 Dec 2024
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ We added a #Cleo unauthenticated file upload vulnerability, CVE-2024-55956, to our Known Exploited Vulnerabilities Catalog. Visit https://t.co/myxOwap1Tf & apply mitigations to protect your org from cyberattacks. #Cybersecurity #InfoSec https://t.co/0QjOFgPFq2
@CISACyber
17 Dec 2024
834 Impressions
1 Retweet
3 Likes
3 Bookmarks
0 Replies
1 Quote
In response to CL0P breach concerns, I investigated CLEO’s CVE-2024-55956 mitigation. Among CLEO server IPs identified via Shodan/Censys, those accessible via HTTP/S were examined. As of today, 60% (553) of 925 public servers remain unpatched. https://t.co/Ll3Xr9tR91
@nekono_naha
17 Dec 2024
1135 Impressions
0 Retweets
10 Likes
2 Bookmarks
1 Reply
0 Quotes
CVE-2024-55956: https://t.co/AHyOXDObgN #vulnerability #cve #cybersecurity #exploitation #exploit
@blackstormsecbr
16 Dec 2024
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Very well done write-up for CVE-2024-55956 by @Rapid7's emerging threat team: https://t.co/eGbsYAt8eu - Very much appreciated.
@Junior_Baines
16 Dec 2024
1003 Impressions
3 Retweets
16 Likes
2 Bookmarks
0 Replies
0 Quotes
Cleo File Transfer Vulnerabilities (CVE-2024-50623, CVE-2024-55956) – Cl0P’s Latest Attack Vector https://t.co/R7uAQhqQJY Recently, vulnerabilities in Cleo’s file transfer softw…
@f1tym1
16 Dec 2024
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
We have published our @rapid7 analysis of the new Cleo vuln, now known as CVE-2024-55956. An unauthenticated file write affecting LexiCom, VLTrader, and Harmony versions 5.8.0.23 and below, that can be leveraged to achieve unauth RCE. Full analysis here: https://t.co/KuTfeHIGif h
@stephenfewer
16 Dec 2024
8741 Impressions
24 Retweets
69 Likes
24 Bookmarks
2 Replies
2 Quotes
CVE-2024-55956 In Cleo Harmony before 5.8.0.24, VLTrader before 5.8.0.24, and LexiCom before 5.8.0.24, an unauthenticated user can import and execute arbitrary Bash or PowerShell co… https://t.co/uquOFcQJZF
@CVEnew
14 Dec 2024
465 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes