vulnerability
3CX: CVE-2023-29059: Desktop app backdoor
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 10 | (AV:N/AC:L/Au:N/C:C/I:C/A:C) | Mar 29, 2023 | Mar 30, 2023 | Apr 12, 2023 |
Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
Mar 29, 2023
Added
Mar 30, 2023
Modified
Apr 12, 2023
Description
The 3CX desktop client available for Windows and Mac has been trojanised and is currently providing a backdoor in a in a suspected state-sponsored threat campaign.
This check is flagging on the detection of the desktop app before 18.12.425 due to 3CX advising to avoid using the Electron App at all unless there is absolutely no alternative.
Solution
3cx-desktop-app-backdoor
References
- CVE-2023-29059
- https://attackerkb.com/topics/CVE-2023-29059
- URL-https://nvd.nist.gov/vuln/detail/CVE-2023-29059/
- URL-https://www.rapid7.com/blog/post/2023/03/30/backdoored-3cxdesktopapp-installer-used-in-active-threat-campaign/
- URL-https://www.3cx.com/blog/news/desktopapp-security-alert-updates/
- URL-https://www.sentinelone.com/blog/smoothoperator-ongoing-campaign-trojanizes-3cx-software-in-software-supply-chain-attack//
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.