CVE-2024-50623

Nov. 15, 2024, 4:15 p.m.

8.8
High

Description

In Cleo Harmony before 5.8.0.21, VLTrader before 5.8.0.21, and LexiCom before 5.8.0.21, there is an unrestricted file upload and download that could lead to remote code execution.

Product(s) Impacted

Product Versions
Cleo Harmony
  • ['before 5.8.0.20']
VLTrader
  • ['before 5.8.0.20']
LexiCom
  • ['before 5.8.0.20']

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

References

https://support.cleo.com/hc/en-us/articles/27140294267799-Cleo-Product-Security-Advisory

Tags

cve@mitre.org
CWE-79
2024-10-28
CVE-2024-50623

CVSS Score

8.8 / 10

CVSS Data - 3.1

  • Attack Vector: NETWORK
  • Attack Complexity: LOW
  • Privileges Required: NONE
  • Scope: UNCHANGED
  • Confidentiality Impact: HIGH
  • Integrity Impact: HIGH
  • Availability Impact: HIGH

    • CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

    View Vector String

Timeline

Published: Oct. 28, 2024, 12:15 a.m.
Last Modified: Nov. 15, 2024, 4:15 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

Relations

Here is the list of observables linked to the vulnerability CVE-2024-50623 using threat intelligence.

  • Cl0p
  • Cobalt Strike
  • Cl0p

Linked Attack Reports

Widespread Exploitation of Cleo File Transfer Software

Critical vulnerabilities in Cleo file transfer products, including VLTrader, Harmony, and LexiCom, are being actively exploited. Initially stemming from an insufficient patch for CVE-2024-50623, a new critical vulnerability (CVE-2024-55956) allows unauthenticated users to execute arbitrary commands…
cleo
CVE-2024-55956
2024-12-16
Published: December 16, 2024
Linked vulnerabilities : CVE-2024-50623 (CVSS 8.8), CVE-2024-55956 (CVSS 9.8)
Downloadable IOCs: 6

CL0P Ransomware: Latest Attacks

The Cl0p ransomware group has recently targeted 43 organizations across various industries, with a focus on Manufacturing, Retail, and Transportation sectors. The majority of victims are located in the US, Canada, and Europe. The attackers likely exploited the Cleo vulnerability (CVE-2024-50623) fo…
ransomware
data exfiltration
transportation
CVE-2024-50623
manufacturing
retail
2025-02-12
ta505
cl0p
cleo vulnerability
evil corp
Published: February 12, 2025
Linked vulnerabilities : CVE-2024-50623 (CVSS 8.8)
Downloadable IOCs: 6

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.