CVE-2024-55956

CRITICAL 9.8

⚠️ CISA KEV

CVSS Score

9.8

EPSS Score

0.0%

EPSS Percentile

0th

In Cleo Harmony before 5.8.0.24, VLTrader before 5.8.0.24, and LexiCom before 5.8.0.24, an unauthenticated user can import and execute arbitrary Bash or PowerShell commands on the host system by leveraging the default settings of the Autorun directory.

Vendor	n/a
Product	n/a
Published	Dec 13, 2024
Last Updated	Oct 21, 2025

⚠️ Actively Exploited — Act Now

Get instant alerts for n/a n/a

This vulnerability is actively exploited in the wild. Set up free real-time alerts so you're first to know about threats like CVE-2024-55956.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

n/a / n/a

n/a

References

NVD ↗ CVE.org ↗ EPSS Data ↗

support.cleo.com: https://support.cleo.com/hc/en-us/articles/28408134019735-Cleo-Product-Security-Advisory-CVE-Pending support.cleo.com: https://support.cleo.com/hc/en-us/articles/28408134019735-Cleo-Product-Security-Update huntress.com: https://www.huntress.com/blog/threat-advisory-oh-no-cleo-cleo-software-actively-being-exploited-in-the-wild cisa.gov: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-55956