CVE advisoryKnown Exploit
CVE-2024-55956
Cleo Software: Command Execution Risk
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
Certain Cleo products are susceptible to a vulnerability allowing unauthenticated command execution via default Autorun settings. This poses a risk of unauthorized system access and potential data compromise for affected organizations. The U.S. government has identified this as actively exploited.