SFTP Gateway and StorageLink: Secure against the Cleo Vulnerability and CVE-2024-50623
SFTP Gateway and StorageLink are both secure against the Cleo Vulnerability.
Security researchers have uncovered a high-risk vulnerability in Cleo’s file transfer software, allowing hackers to exploit a “file upload and download vulnerability” to execute malicious code. The flaw enables attackers to place files into Cleo’s “autorun” directory, where they are automatically executed, compromising servers and sensitive data.
Thorn Technologies’ file transfer products—SFTP Gateway and StorageLink—are unaffected by this vulnerability.
Here’s why our solutions remain secure and offer peace of mind for enterprises:
No “Autorun” Directory
A key aspect of CVE-2024-50623 is its exploitation of Cleo’s “autorun” directory, which automatically executes files uploaded to it. Thorn Technologies’ products (SFTP Gateway and StorageLink) do not include an autorun directory or similar functionality. This architectural choice eliminates an entire class of vulnerabilities, preventing malicious files from being executed automatically.
Secure File Upload and Download Mechanisms
Thorn Technologies’ file transfer solutions implement strict security protocols for uploads and downloads. Every file is subject to rigorous access controls, validation checks, and encryption mechanisms to ensure it cannot bypass security layers or trigger unauthorized actions.
Unlike Cleo’s tools, SFTP Gateway and StorageLink are designed to separate uploaded files from execution environments, further reducing risk. Thorn Technologies’ products write data directly to cloud storage, so it is never physically stored on the same server that hosts the application.
With SFTP Gateway and StorageLink, Thorn Technologies and other third parties never touch your data. It moves directly between your users and your cloud storage locations.
Cloud-Native Security Architecture
Both SFTP Gateway and StorageLink are built to leverage the inherent security strengths of cloud platforms such as AWS, Azure, and Google Cloud. By default, these platforms include robust safeguards like:
- Strict access control policies
- Encrypted storage for all files
- Advanced monitoring and logging tools
These safeguards are seamlessly integrated into our solutions, ensuring a secure environment for your data.
Proactive Security Measures
At Thorn Technologies, we follow a proactive approach to security. Updates are released promptly to address emerging risks, and our customers benefit from clear communication and guidance on maintaining secure configurations.
Designed to Prevent Execution of Malicious Code
Unlike Cleo’s vulnerable architecture, SFTP Gateway and StorageLink do not support mechanisms that allow uploaded files to trigger system-level actions. Files transferred through our tools are treated as data, not executable content, ensuring attackers cannot introduce malicious code into the system.
Why Thorn Technologies Is the Right Choice
CVE-2024-50623 highlights the dangers of vulnerable file transfer software. With SFTP Gateway and StorageLink, you can confidently avoid such risks thanks to our secure-by-design approach. Whether you’re handling sensitive enterprise data or managing large-scale file transfers, our tools offer the reliability and security you need.
Thorn Technologies is revolutionizing the Managed File Transfer (MFT) industry by offering streamlined, dependable, cost-effective solutions tailored to cloud environments. With Thorn Technologies, customers maintain full control over their data and infrastructure, as our products are deployed directly within their private cloud environments.
SFTP Gateway and StorageLink are trusted by organizations of all sizes to seamlessly integrate with systems like Workday, Salesforce, and SAP while effectively replacing outdated legacy solutions such as IBM Sterling File Gateway. Explore our managed file transfer use cases, or contact the Thorn Tech team for more information.