VULNERABILITY DIGEST FROM ACTION1

Patch Tuesday and third-party updates | This Wednesday | 12 PM EST / 6 PM CET

Action1 5 Blog 5 3CX Falls Victim to Supply Chain Attack: Action1 Solution

3CX Falls Victim to Supply Chain Attack: Action1 Solution

April 7, 2023

By Peter Barnett

As reported by several cybersecurity firms, enterprise communications software maker 3CX has fallen victim to a supply chain attack affecting multiple versions of its desktop app for Windows and macOS. The affected versions include 18.12.407 and 18.12.416 for Windows, and 18.11.1213, 18.12.402, 18.12.407, and 18.12.416 for macOS. The incident has been assigned the CVE identifier CVE-2023-29059.

The company has announced that it is engaging the services of Mandiant, a cybersecurity firm owned by Google, to review the incident. Meanwhile, 3CX is urging its customers of self-hosted and on-premise versions of the software to update to version 18.12.422, which is the latest version available.

The attack on 3CX is believed to have resulted from a compromise of the company’s software build pipeline to distribute Windows and macOS versions of the app package or the poisoning of an upstream dependency. The scale of the attack is still unknown, but the incident highlights the need for all companies to take supply chain security seriously and to put in place robust measures to protect against such attacks.

If you are a customer of 3CX’s desktop app for Windows or macOS, it is strongly recommended that you update to version 18.12.422 as soon as possible to mitigate the risk of further harm. In addition, if you suspect that your system may have been compromised, you should take immediate steps to secure your system and seek professional advice from a reputable cybersecurity firm.

Action1 Script to Terminate All Running 3CXDesktop Processes

In response to the attack, Action1 has created a script that terminates all running 3CXDesktop processes and prevents their auto-launch at the next system reboot. The script is available in the Script Library of the Action1 platform and can be used by affected customers to protect their systems from further harm.

Here’s how to use the script:

1. Log in to your Action1 account.
2. Navigate to the Script Library and locate the “3CX Desktop Vulnerability Remediation” script.
3. Click on “Run Script” and select the endpoints that you want to update.

See What You Can Do with Action1

 

Join our weekly LIVE demo “Patch Management That Just Works with Action1” to learn more

about Action1 features and use cases for your IT needs.

 

spiceworks logo
getapp logo review
software advice review
trustradius
g2 review
spiceworks logo

Related Posts

What is Vulnerability Management?

Vulnerability management is an ongoing process of identifying, evaluating, prioritizing, and addressing security vulnerabilities in an organization's systems and the software...

read more

What is Patch Management?

Patch management is the process of keeping software up-to-date by installing updates called patches in order to address security vulnerabilities and close them timely, add new...

read more