What is the Vulnerability?
An unrestricted file upload and download vulnerability (CVE-2024-50623) that could lead to remote code execution and affects multiple Cleo products is being actively exploited in the wild. The vulnerability affects the following Cleo products (versions before and including 5.8.0.21):
- Cleo Harmony
- Cleo VLTrader
- Cleo LexiCom
Cleo is a software company focused on Managed File Transfer (MFT) solutions. Its products (Cleo VLTrader, Cleo Harmony, and Cleo LexiCom) facilitate secure file transfers and B2B integration, and streamline data exchange and integration.
On December 13, 2024, CISA confirmed that CVE-2024-50623 is being actively exploited, including in ransomware campaigns, and that it has been added to the Known Exploited Vulnerabilities (KEV) catalog.
What is the recommended Mitigation?
FortiGuard Labs strongly advises all Cleo customers to immediately upgrade instances of Harmony, VLTrader, and LexiCom to the latest released patch and to follow the vendor advisory: Cleo Product Security Advisory – CVE-2024-50623 – Cleo
What FortiGuard Coverage is available?
FortiGuard recommends that users apply the fix provided by the vendor and follow the instructions in the vendor’s advisory. FortiGuard Web Filtering service blocks all the known Indicators of Compromise (IoCs) related to the campaigns targeting the Cleo vulnerability. FortiGuard IPS protection coverage is under review, and this report will be updated as new coverage becomes available.
The FortiGuard Incident Response team can be engaged to help with any suspected compromise.
Category Archives: Advisories
DSA-5833-1 dpdk – security update
A buffer overflow was discovered in the vhost code of DPDK, a set of
libraries for fast packet processing, which could result in denial of
service or the execution of arbitrary code by malicious
guests/containers.
USN-7163-1: Linux kernel vulnerability
A security issue was discovered in the Linux kernel.
An attacker could possibly use this to compromise the system.
This update corrects flaws in the following subsystem:
– Network traffic control;
sympa-6.2.74-1.el10_0
FEDORA-EPEL-2024-5b320e416d
Packages in this update:
sympa-6.2.74-1.el10_0
Update description:
Update to 6.2.74, fix for CVE-2024-55919
Full changelog: https://github.com/sympa-community/sympa/releases/tag/6.2.74
sympa-6.2.74-1.fc40
FEDORA-2024-14c006b8bb
Packages in this update:
sympa-6.2.74-1.fc40
Update description:
Update to 6.2.74, fix for CVE-2024-55919
Full changelog: https://github.com/sympa-community/sympa/releases/tag/6.2.74
sympa-6.2.74-1.el8
FEDORA-EPEL-2024-1183ac8862
Packages in this update:
sympa-6.2.74-1.el8
Update description:
Update to 6.2.74, fix for CVE-2024-55919
Full changelog: https://github.com/sympa-community/sympa/releases/tag/6.2.74
sympa-6.2.74-1.fc41
FEDORA-2024-88ad2bee84
Packages in this update:
sympa-6.2.74-1.fc41
Update description:
Update to 6.2.74, fix for CVE-2024-55919
Full changelog: https://github.com/sympa-community/sympa/releases/tag/6.2.74
sympa-6.2.74-1.el9
FEDORA-EPEL-2024-a5952fc093
Packages in this update:
sympa-6.2.74-1.el9
Update description:
Update to 6.2.74, fix for CVE-2024-55919
Full changelog: https://github.com/sympa-community/sympa/releases/tag/6.2.74
USN-7161-1: Docker vulnerabilities
Yair Zak discovered that Docker could forward DNS requests
from internal networks in an unexpected manner. An attacker could possibly
use this issue to exfiltrate data by encoding information in DNS queries
to controlled nameservers. This issue was only addressed in
Ubuntu 24.04 LTS. (CVE-2024-29018)
Cory Snider discovered that Docker did not properly handle authorization
plugin request processing. An attacker could possibly use this issue to
bypass authorization controls by forwarding API requests without their
full body, leading to unauthorized actions. (CVE-2024-41110)
USN-7162-1: curl vulnerability
Harry Sintonen discovered that curl incorrectly handled credentials from
.netrc files when following HTTP redirects. In certain configurations, the
password for the first host could be leaked to the followed-to host,
contrary to expectations.