CVE-2024-55956

CRITICALCISA KEV

9.8

Description

In Cleo Harmony before 5.8.0.24, VLTrader before 5.8.0.24, and LexiCom before 5.8.0.24, an unauthenticated user can import and execute arbitrary Bash or PowerShell commands on the host system by leveraging the default settings of the Autorun directory.

Details CVE

Score CVSS v3.19.8

SeveriteCRITICAL

Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vecteur d'attaqueNETWORK

ComplexiteLOW

Privileges requisNONE

Interaction utilisateurNONE

Publie12/13/2024

Derniere modification11/4/2025

Sourcekev

Observations honeypot0

CISA KEV

FournisseurCleo

ProduitMultiple Products

Nom vulnerabiliteCleo Multiple Products Unauthenticated File Upload Vulnerability

Date ajout KEV2024-12-17

Date limite remediation2025-01-07

Utilise dans ransomwareKnown

Produits affectes

cleo:harmonycleo:lexicomcleo:vltrader

Faiblesses (CWE)

CWE-77CWE-77

References

https://support.cleo.com/hc/en-us/articles/28408134019735-Cleo-Product-Security-Advisory-CVE-Pending(cve@mitre.org)

https://support.cleo.com/hc/en-us/articles/28408134019735-Cleo-Product-Security-Update(af854a3a-2127-422b-91ae-364da2661108)

https://www.huntress.com/blog/threat-advisory-oh-no-cleo-cleo-software-actively-being-exploited-in-the-wild(af854a3a-2127-422b-91ae-364da2661108)

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-55956(134c704f-9b21-4f2e-91b3-4a467353bcc0)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.