3CX DesktopApp Security Alert – Windows and Mac OS Electron App Infected

Published On: March 30, 2023|By |

As part of our 24×7 threat intelligence activities, our experts have noted a critical vulnerability compromising the 3CX desktop app.

CVE-2023-29059 – CVSS Score 10 – Critical

3CX Security Alert for Electron Windows App | Desktop App

This is a supply chain attack, the versions of 3CX desktop app, specifically 18.12.407 & 18.12.416, has had one of their libraries compromised. This compromised library was complied into the desktop app and has been used to sideload malware.
When the infected version is installed it will reach out to a C2 server and stage the Malware, likely an infostealer, that will harvest data from an infected machines user browser.

Affected vendors: 3CX, Microsoft, Apple

Affected resource: Windows

Need support?

Get help now


Currently, there are no mitigation steps, other than removing the affected versions. The issue with this is that the malware has likely been installed and done the job that was required of it. 3CX is urging customers to remove the infected version and has confirmed that an updated version is currently being worked on.

Remediation steps

Remove the desktop version of 3CX and use the PWA client. However, it would be prudent to remain cautious of any software 3CX is operating until the full blast radius of the compromise is detailed.

View Our Latest Events

View More