Full Rapid7 analysis of #Cleo CVE-2024-55956 now available c/o @stephenfewer. It's neither a patch bypass of CVE-2024-50623 nor part of a chain after all — totally new bug, different exploitation strategies across the two issues (though the same endpoint gets used either way).
I'm not sure it's been mentioned much yet that Cleo evidently released IOCs related to CVE-2024-50623 in October 2024, implying the older bug's been exploited for a minute. Would sure be helpful to know more about who was doing that exploiting, particularly now that Cl0p has claimed credit for last week's attack.
https://attackerkb.com/topics/geR0H8dgrE/cve-2024-55956/rapid7-analysis
GNU social JP is a social network, courtesy of the GNU social JP administrator. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.
All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.