Security News > 2024 > December > Cleo File Transfer Vulnerability Under Exploitation – Patch Pending, Mitigation Urged
2024-12-10 15:57
Users of Cleo-managed file transfer software are being urged to ensure that their instances are not exposed to the internet following reports of mass exploitation of a vulnerability affecting fully patched systems. Cybersecurity company Huntress said it discovered evidence of threat actors exploiting the issue en masse on December 3, 2024. The vulnerability, which impacts Cleo's LexiCom,
News URL
https://thehackernews.com/2024/12/cleo-file-transfer-vulnerability-under.html
Related news
- PAN-OS Firewall Vulnerability Under Active Exploitation – IoCs and Patch Released (source)
- Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems (source)
- CISA Alerts to Active Exploitation of Critical Palo Alto Networks Vulnerability (source)
- Oracle Warns of Agile PLM Vulnerability Currently Under Active Exploitation (source)
- Cisco Warns of Exploitation of Decade-Old ASA WebVPN Vulnerability (source)
- Veeam Issues Patch for Critical RCE Vulnerability in Service Provider Console (source)
- Microsoft Fixes 72 Flaws, Including Patch for Actively Exploited CLFS Vulnerability (source)
- Patch Tuesday: Microsoft Patches One Actively Exploited Vulnerability, Among Others (source)
- BeyondTrust Issues Urgent Patch for Critical Vulnerability in PRA and RS Products (source)
- Patch Alert: Critical Apache Struts Flaw Found, Exploitation Attempts Detected (source)