A high-risk vulnerability in popular file transfer technology is being actively exploited by hackers to launch mass hacks. The CVE-2024-50623 flaw, found in software developed by Illinois-based enterprise company Cleo, affects its LexiCom, VLTransfer, and Harmony tools.
Cleo initially warned of the issue on October 30 and released a patch, but Huntress security researchers have discovered that it does not mitigate the vulnerability. Since December 3, Huntress has seen threat actors exploiting this software en masse, compromising at least 24 businesses, including consumer product companies, logistics firms, and food suppliers.
Shodan lists hundreds of vulnerable Cleo servers, mostly in the US. The company has over 4,200 customers, including prominent companies like Illumina and New Balance. Huntress is recommending that these customers move their internet-exposed systems behind a firewall until a new patch is released.
The exploit is attributed to hackers who have been targeting enterprise file transfer tools. Last year, Russia-linked ransomware gangs exploited similar vulnerabilities in Progress Software’s MOVEit Transfer product and Fortra’s GoAnywhere managed file transfer software.
Source: https://techcrunch.com/2024/12/10/hackers-are-exploiting-a-flaw-in-popular-file-transfer-tools-to-launch-mass-hacks-again