Lucene search
PRIOn knowledge basePRION:CVE-2023-29059HistoryMar 30, 2023 - 5:15 p.m.
Code injection
2023-03-3017:15:00
PRIOn knowledge base
www.prio-n.com
11
3cx desktopapp
code injection
electron windows
electron macos
update 7
security vulnerability
3CX DesktopApp through 18.12.416 has embedded malicious code, as exploited in the wild in March 2023. This affects versions 18.12.407 and 18.12.416 of the 3CX DesktopApp Electron Windows application shipped in Update 7, and versions 18.11.1213, 18.12.402, 18.12.407, and 18.12.416 of the 3CX DesktopApp Electron macOS application.
References
cwe.mitre.org/data/definitions/506.html
news.sophos.com/en-us/2023/03/29/3cx-dll-sideloading-attack/
www.3cx.com/blog/news/desktopapp-security-alert/
www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
www.fortinet.com/blog/threat-research/3cx-desktop-app-compromised
www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Related
cvelist
cvelist
CVE-2023-29059
2023-03-30 00:00:00
qualysblog
qualysblog
3CXDesktopApp Backdoored in a Suspected Lazarus Campaign
2023-04-04 00:16:01
Qualys Survey of Top 10 Exploited Vulnerabilities in 2023
2023-09-26 13:04:00
2023 Threat Landscape Year in Review: If Everything Is Critical, Nothing Is
2023-12-19 15:00:00
thn
thn
North Korean Hackers Uncovered as Mastermind in 3CX Supply Chain Attack
2023-04-12 04:06:00
3CX Supply Chain Attack — Here's What We Know So Far
2023-03-31 09:37:00
Cryptocurrency Companies Targeted in Sophisticated 3CX Supply Chain Attack
2023-04-04 03:54:00
nvd
nvd
CVE-2023-29059
2023-03-30 17:15:06
nessus
nessus
3CX DesktopApp Malware
2023-03-30 00:00:00
attackerkb
attackerkb
CVE-2023-29059
2023-03-30 00:00:00
rapid7blog
rapid7blog
Backdoored 3CXDesktopApp Installer Used in Active Threat Campaign
2023-03-30 12:24:40
cve
cve
CVE-2023-29059
2023-03-30 17:15:06