#VU74216 Embedded malicious code (backdoor) in Electron Mac App and Electron Windows App - CVE-2023-29059
Published: March 30, 2023 / Updated: November 27, 2023
Vulnerability identifier: #VU74216
Vulnerability risk: Critical
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Red
CVE-ID: CVE-2023-29059
CWE-ID: CWE-506
Exploitation vector: Remote access
Exploit availability:
The vulnerability is being exploited in the wild
Vulnerable software:
Electron Mac App
Electron Windows App
Electron Mac App
Electron Windows App
Software vendor:
3CX
3CX
Description
The vulnerability allows a remote attacker to gain unauthorized access to the application.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor) that allows a remote attacker to gain unauthorized access to the application.
Remediation
Install update from vendor's website.
External links
- https://www.3cx.com/blog/news/desktopapp-security-alert/
- https://www.sentinelone.com/blog/smoothoperator-ongoing-campaign-trojanizes-3cx-software-in-software-supply-chain-attack/
- https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
- https://success.trendmicro.com/dcx/s/solution/000292711?language=en_US