Lace Tempest Exploits Zero-Day in a Strategic Strike on SysAid

Threat Level

Vulnerability Report

For a detailed threat advisory, download the pdf file here

Summary

Lace Tempest has been implicated in exploiting a zero-day vulnerability, identified as CVE-2023-47246. This exploitation allows for the execution of code within SysAid on-premise software, leading to an unauthorized breach of corporate servers. The primary objectives of this breach include data theft and the deployment of the Clop ransomware.

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.