Tag: CVE-2024-50623

5 Attack Reports | 1 Vulnerabilities

Attack reports

CL0P Ransomware: Latest Attacks

The Cl0p ransomware group has recently targeted 43 organizations across various industries, with a focus on Manufacturing, Retail, and Transportation sectors. The majority of victims are located in the US, Canada, and Europe. The attackers likely exploited the Cleo vulnerability (CVE-2024-50623) fo…
ransomware
data exfiltration
transportation
CVE-2024-50623
manufacturing
retail
2025-02-12
ta505
cl0p
cleo vulnerability
evil corp
Published: February 12, 2025
Downloadable IOCs: 6

Protecting Against the Exploited CVEs in the Cleo Data Theft Attacks

The Clop ransomware group has exploited critical vulnerabilities in Cleo's managed file transfer software, specifically CVE-2024-50623 and CVE-2024-55956. These vulnerabilities allow unrestricted file upload/download and execution of arbitrary commands. Imperva has observed over 1 million exploitat…
ransomware
powershell
data theft
extortion
persistence
CVE-2024-50623
CVE-2024-55956
2025-01-22
clop
file transfer
Published: January 22, 2025
Downloadable IOCs: 2

Cleopatra's Shadow: A Mass Exploitation Campaign Deploying a Java Backdoor Through Zero-Day Exploitation of Cleo MFT Software

A mass exploitation campaign targeting Cleo Managed File Transfer (MFT) products was observed in December 2024. The attackers exploited a zero-day vulnerability to deploy a Java-based backdoor dubbed Cleopatra. The campaign began on December 7 and is ongoing. The attack chain involves an obfuscated…
CVE-2024-50623
2024-12-13
cleo mft
cleopatra
Published: December 13, 2024
Downloadable IOCs: 0

New Cleo zero-day RCE flaw exploited in data theft attacks

A critical zero-day vulnerability in Cleo's managed file transfer software is being actively exploited by hackers to breach corporate networks and steal data. The flaw affects Cleo LexiCom, VLTrader, and Harmony products, allowing unrestricted file upload and downloads leading to remote code execut…
data theft
zero-day
CVE-2024-50623
rce
termite
cleo
lexicom
2024-12-11
vltrader
cleo harmony
Published: December 11, 2024
Downloadable IOCs: 0

Cleo Software Actively Being Exploited in the Wild

A critical vulnerability in Cleo's LexiCom, VLTransfer, and Harmony software, used for file transfer management, is being actively exploited. The flaw allows unauthenticated remote code execution, affecting all versions up to and including 5.8.0.21. Attackers are exploiting this vulnerability to dr…
vulnerability
CVE-2024-50623
2024-12-10
cleo
file transfer software
lexicom
vltransfer
harmony
Published: December 10, 2024
Downloadable IOCs: 4
Click here to see more Attack Reports

Vulnerabilities

CVE-2024-50623

8.8
    Cleo Harmony
  • Version(s): before 5.8.0.20
    VLTrader
  • Version(s): before 5.8.0.20
    LexiCom
  • Version(s): before 5.8.0.20
Published: October 28, 2024
Click here to see more Vulnerabilities