Cleo is a global provider of enterprise integration solutions that help businesses optimize data flows, communication, and B2B (business-to-business) transactions. Recently, the Cl0p ransomware group claimed responsibility for the successful exploitation of vulnerabilities in Cleo products, including CVE-2024-50623. On December 13, 2024, Cleo released a security update addressing another critical vulnerability, CVE-2024-55956, affecting their Harmony, VLTrader, and LexiCom products up to version 5.8.0.24.

 

Given the high impact on confidentiality, integrity, and availability, and the involvement of the Cl0p ransomware group, customers are urged to prioritize patching after thorough testing.

 

The Centre for Cybersecurity Belgium strongly recommends installing updates for vulnerable devices with the highest priority, after thorough testing. 

 

 

The CCB recommends organizations upscale monitoring and detection capabilities to identify any related suspicious activity, ensuring a swift response in case of an intrusion. CVE-2024-55956 is patched in versions 5.8.0.24 and later.

In case of an intrusion, you can report an incident via: https://ccb.belgium.be/en/cert/report-incident

While patching appliances or software to the newest version may provide safety from future exploitation, it does not remediate historic compromise.