Microsoft Warns of Zero-Day Vulnerability in SysAid Exploited by Clop Ransomware

November 10, 2023
Jamie Davidson
3 Min Read
November 10, 2023
Hacker ransomware

SysAid, a popular IT service management software vendor, warned customers on Thursday of a zero-day vulnerability in its software that is being exploited by the Clop ransomware gang. The vulnerability, tracked as CVE-2023-47246, allows attackers to gain remote code execution on affected SysAid servers.

Key Highlights:

  • A zero-day vulnerability in SysAid IT service management software is being exploited by the Clop ransomware gang.
  • The vulnerability allows attackers to gain remote code execution on affected SysAid servers.
  • Microsoft’s Threat Intelligence team discovered the vulnerability being exploited in the wild and alerted SysAid.
  • SysAid has released a patch for the vulnerability and is urging customers to update their software immediately.

Hacker ransomware

Microsoft’s Threat Intelligence team discovered the vulnerability being exploited in the wild and alerted SysAid. Microsoft has also released guidance for SysAid customers on how to patch the vulnerability and mitigate the risk of attack.

According to SysAid, the vulnerability affects on-premise versions of its software version 20.1.7 and earlier. SysAid has released a patch for the vulnerability and is urging customers to update their software immediately.

How the Clop Ransomware Gang is Exploiting the Vulnerability

Microsoft said that attackers are exploiting the SysAid vulnerability to issue commands via the SysAid software to deliver a malware loader for the Gracewire malware. This is typically followed by human-operated activity, including lateral movement, data theft, and ransomware deployment.

What SysAid Customers Can Do

SysAid is urging customers to update their software to the latest version as soon as possible. Customers can download the latest patch from the SysAid website.

In addition to patching the vulnerability, SysAid customers should also implement other security measures, such as:

  • Enabling multi-factor authentication for all users
  • Implementing strong password policies
  • Keeping their software up to date
  • Monitoring their networks for suspicious activity

The exploitation of the SysAid zero-day vulnerability by the Clop ransomware gang is a reminder of the importance of cybersecurity. Organizations should take steps to patch all known vulnerabilities and implement other security measures to protect their systems from attack.

SysAid, a popular IT service management software vendor, warned customers on Thursday of a zero-day vulnerability in its software that is being exploited by the Clop ransomware gang. The vulnerability, tracked as CVE-2023-47246, allows attackers to gain remote code execution on affected SysAid servers.

Microsoft’s Threat Intelligence team discovered the vulnerability being exploited in the wild and alerted SysAid. Microsoft has also released guidance for SysAid customers on how to patch the vulnerability and mitigate the risk of attack.

According to SysAid, the vulnerability affects on-premise versions of its software version 20.1.7 and earlier. SysAid has released a patch for the vulnerability and is urging customers to update their software immediately.

Tags
FacebookXWhatsAppReddit

About the author

View All Posts
Jamie

Jamie Davidson

Jamie is the Senior Rumors Analyst at PC-Tablet.com, with over 5 years of experience in tech journalism. He holds a postgraduate degree in Biotechnology, blending his scientific expertise with a deep passion for technology. Jamie plays a key role in managing the office staff writers, ensuring they stay informed with the latest technological developments and industry rumors. Known for his quiet nature, he is also an avid Chess player. Jamie’s analytical skills and dedication to following tech trends make him an essential contributor to the team, helping to maintain the site’s reputation for timely and accurate reporting.

Web Stories

5 Best Projectors in 2024: Top Long Throw and Laser Projectors for Every Budget
5 Best Projectors in 2024: Top Long Throw and Laser Projectors for Every Budget
5 Best Laptop of 2024
5 Best Laptop of 2024
5 Best Gaming Phones in Sept 2024: Motorola Edge Plus, iPhone 15 Pro Max & More!
5 Best Gaming Phones in Sept 2024: Motorola Edge Plus, iPhone 15 Pro Max & More!
6 Best Football Games of all time: from Pro Evolution Soccer to Football Manager
6 Best Football Games of all time: from Pro Evolution Soccer to Football Manager
5 Best Lightweight Laptops for High School and College Students
5 Best Lightweight Laptops for High School and College Students
5 Best Bluetooth Speaker in 2024
5 Best Bluetooth Speaker in 2024
6 Best Android Phones Under $100 in 2024
6 Best Android Phones Under $100 in 2024
6 Best Wireless Earbuds for 2024: Find Your Perfect Pair for Crystal-Clear Audio
6 Best Wireless Earbuds for 2024: Find Your Perfect Pair for Crystal-Clear Audio
Best Macbook Air Deals on 13 & 15-inch Models Start from $149
Best Macbook Air Deals on 13 & 15-inch Models Start from $149
View all stories
5 Best Projectors in 2024: Top Long Throw and Laser Projectors for Every Budget 5 Best Laptop of 2024 5 Best Gaming Phones in Sept 2024: Motorola Edge Plus, iPhone 15 Pro Max & More! 6 Best Football Games of all time: from Pro Evolution Soccer to Football Manager 5 Best Lightweight Laptops for High School and College Students 5 Best Bluetooth Speaker in 2024 6 Best Android Phones Under $100 in 2024 6 Best Wireless Earbuds for 2024: Find Your Perfect Pair for Crystal-Clear Audio Best Macbook Air Deals on 13 & 15-inch Models Start from $149