Hertz Confirms Data Breach After Hackers Stole Customer PII

Hertz confirms data breach linked to Cleo software flaw; Cl0p ransomware group leaked stolen data, exposing names, driver’s…...

Cleo < 5.8.0.24 Unrestricted File Upload

Cleo Harmony prior to 5.8.0.24, VLTrader prior to 5.8.0.24 and LexiCom prior to 5.8.0.24 are affected by a vulnerability allowing an unauthenticated attacker to upload an arbitrary file that could lead to remote code execution. No source data...

Cleo < 5.8.0.21 Unrestricted File Read/Upload

Cleo Harmony prior to 5.8.0.21, VLTrader prior to 5.8.0.21 and LexiCom prior to 5.8.0.21 are affected by a vulnerability allowing an unauthenticated attacker to read an arbitrary file or upload an arbitrary file that could lead to remote code execution. No source data...

PT-2024-9584

Name of the Vulnerable Software and Affected Versions Cleo Harmony versions prior to 5.8.0.24 Cleo VLTrader versions prior to 5.8.0.24 Cleo LexiCom versions prior to 5.8.0.24 Description The issue allows an unauthenticated user to import and execute arbitrary Bash or PowerShell commands on the ho...

Modular Java Backdoor Dropped in Cleo Exploitation Campaign

Many thanks to Rapid7 MDR and incident response teams for their contributions to this analysis. While investigating incidents related to Cleo software exploitation, Rapid7 Labs and MDR observed a novel, multi-stage attack that deploys an encoded Java Archive JAR payload. Our investigation reveale...