Cleo

The Clop ransomware group has claimed to successfully exploit a vulnerability in Cleo's file transfer products, affecting the Harmony, VLTrader, and LexiCom software versions prior to 5.8.0.21. Despite the release of a patch, the flaw remained exploitable, leading to the unauthorized access to data of 59 companies. While multiple companies disputed the breach, the significance of the exploited vulnerability is substantial, as it allowed remote code execution. The incident caught widespread attention as Clop threatened to release stolen data publicly, indicating a severe impact on the affected companies' confidentiality and potential operational capabilities.

Source: https://securityaffairs.com/173135/cyber-crime/clop-ransomware-gang-claims-hack-of-cleo-file-transfer-customers.html

"id": "hic000011725",
"linkid": "hicleo",
"type": "Ransomware",
"date": "1/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"