Widespread exploitation of Cleo file transfer software (CVE-2024-50623) | Rapid7 Blog
Tags
attack-pattern: Data Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Tool - T1588.002 Powershell - T1086 Scripting - T1064 Scripting
Show in Graph
Common Information
Type Value
UUID 313f566a-a6ab-41d6-883c-bbfd3eaa15fb
Fingerprint f9b71a56fff94e09
Analysis status DONE
Considered CTI value 0
Text language
Published Dec. 10, 2024, 2:04 p.m.
Added to db Dec. 10, 2024, 3:24 p.m.
Last updated Dec. 19, 2024, 7:31 a.m.
Headline Widespread exploitation of Cleo file transfer software (CVE-2024-50623)
Title Widespread exploitation of Cleo file transfer software (CVE-2024-50623) | Rapid7 Blog
Detected Hints/Tags/Attributes 24/1/3
Source URLs
Redirection Url
Details Source https://www.rapid7.com/blog/post/2024/12/10/etr-widespread-exploitation-of-cleo-file-transfer-software-cve-2024-50623/
Details Redirection https://blog.rapid7.com/2024/12/10/etr-widespread-exploitation-of-cleo-file-transfer-software-cve-2024-50623/
URL Provider
Details Provider Source level domain
Details rapid7.com blog.rapid7.com
Details rapid7.com www.rapid7.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 50 Rapid7 Cybersecurity Blog https://blog.rapid7.com/rss/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 48 
cve-2024-50623
Details Domain 365 
system.net
Details IPv4 29 
5.8.0.21