Cleo’s popular file transfer software has fallen victim to a critical zero-day vulnerability, and the Termite ransomware group is wasting no time exploiting it. This flaw impacts Cleo’s Harmony, VLTrader, and LexiCom products—tools trusted by over 4,200 organizations in industries like logistics, manufacturing, and transportation.
Despite an earlier patch in October, the flaw (CVE-2024-50623) remains a serious threat, leaving businesses scrambling to protect their data and operations.
The vulnerability allows attackers to upload malicious files, execute commands remotely, and potentially steal sensitive data. First detected on December 3, the attacks have escalated rapidly, targeting industries like consumer goods and trucking.
While Cleo develops a new patch, here’s how you can mitigate the risk:
healthchecktemplate.txt or .jar files in Cleo directories.
All signs point to Termite, a growing ransomware group that mirrors the infamous Clop gang in its operations. Termite has gained a reputation for targeting file transfer software vulnerabilities, and some experts speculate they could be filling the gap left by Clop’s declining activity.
Their tactics include deploying malicious web shells to maintain access, running reconnaissance tools to identify assets, and using stolen data as leverage in ransom demands.
The Cleo zero-day vulnerability serves as another reminder of how quickly ransomware groups exploit weaknesses in trusted software. Organizations relying on Cleo products need to act now to protect their systems and data.
The ripple effects of a breach like this extend far beyond the immediate victims. High-profile organizations like Target, Walmart, Lowes, CVS, The Home Depot, FedEx, Kroger, Wayfair, Dollar General, Victrola, and Duraflame, which rely on Cleo software, now face the risk of third-party breaches. Attackers targeting Cleo’s vulnerabilities could exploit access to these businesses’ supply chains, putting customer data and operations at risk.
Third-party breaches are a significant pain point for businesses today, exposing them to reputational damage, financial loss, and regulatory scrutiny. Companies must assess their supply chain security and demand transparency and accountability from vendors like Cleo.