![]() Companies listed on its website include high-profile organizations in the automobile, aerospace, finance, food and beverage, government, hospitality, and manufacturing sectors, to name a few. The company’s website boasts that 3CX is available in over 190 countries worldwide, with over 12 million daily users and a 600,000-plus customer base. Currently, no status on the availability of the MacOS version has been provided at the time of writing. However, this statement was later retracted. Initially, there was some confusion about whether the MacOS version was affected, as the CEO of 3CX issued a statement that only the Windows version of the app was affected. 3CX has stated that they are working on a new version of the Windows app and have revoked the certificate for the previous version. But at the time of writing, it appears that only the Electron framework versions of MacOS (versions, 18.12.402, 18.12.407, and 18.12.416) and Windows (versions 18.12.407 and 18.12.416) of the 3CX Desktop App are affected. Initial reports suggested that all platforms of the 3CXDesktop App were compromised. The 3CXDesktop App allows users to interact via chat, messaging, video, and voice. This issue has been assigned CVE-2023-29059.ģCXDesktop App is a multi-platform softphone application for desktops (Linux, MacOS, and Windows). This is the latest high-profile supply chain attack, beginning with SolarWinds and Kaseya a few years ago. On March 29, a number of reports surfaced that a legitimate signed file from VoIP/IP PBX solutions provider 3CX (3CXDesktop App) had been trojanized due to a code-level compromise. For a report of this event, please visit our Threat Signal Reports page. Please check back for the latest updates from FortiGuard Labs.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |