CVE-2024-55956

CRITICALCISA KEV

9.8

Descricao

In Cleo Harmony before 5.8.0.24, VLTrader before 5.8.0.24, and LexiCom before 5.8.0.24, an unauthenticated user can import and execute arbitrary Bash or PowerShell commands on the host system by leveraging the default settings of the Autorun directory.

Detalhes CVE

Pontuacao CVSS v3.19.8

SeveridadeCRITICAL

Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vetor de ataqueNETWORK

ComplexidadeLOW

Privilegios necessariosNONE

Interacao do usuarioNONE

Publicado12/13/2024

Ultima modificacao11/4/2025

Fontekev

Avistamentos honeypot0

CISA KEV

FornecedorCleo

ProdutoMultiple Products

Nome da vulnerabilidadeCleo Multiple Products Unauthenticated File Upload Vulnerability

Data inclusao KEV2024-12-17

Prazo de remediacao2025-01-07

Uso em ransomwareKnown

Produtos afetados

cleo:harmonycleo:lexicomcleo:vltrader

Fraquezas (CWE)

CWE-77CWE-77

Referencias

https://support.cleo.com/hc/en-us/articles/28408134019735-Cleo-Product-Security-Advisory-CVE-Pending(cve@mitre.org)

https://support.cleo.com/hc/en-us/articles/28408134019735-Cleo-Product-Security-Update(af854a3a-2127-422b-91ae-364da2661108)

https://www.huntress.com/blog/threat-advisory-oh-no-cleo-cleo-software-actively-being-exploited-in-the-wild(af854a3a-2127-422b-91ae-364da2661108)

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-55956(134c704f-9b21-4f2e-91b3-4a467353bcc0)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.