

Critical Vulnerability in Dolibarr ERP CRM Exposes Sensitive Data

Our Cyber Intelligence Team recently picked up reports of a concerning vulnerability, CVE-2023-33568, in the Dolibarr ERP CRM software. The vulnerability affects versions older than 16.0.5 and poses a significant risk to businesses: it potentially allows unauthenticated attackers, that is, attackers who hold no account on the system, to gain unauthorised access to sensitive company information, including customer data, employee records and more. In this post, we set out what we know so far, along with simple steps you and your customers can take to protect yourselves.

What is Dolibarr? 

Dolibarr ERP CRM is a software package designed for companies of all sizes, as well as freelancers. It offers a wide range of features, including enterprise resource planning (ERP) and customer relationship management (CRM) functionalities. In addition, it provides tools for various other business activities. 

What We Know So Far:

The vulnerability with the identifier CVE-2023-33568 enables unauthenticated attackers to perform a database dump, potentially leading to unauthorised access to critical data. In simpler terms, if an attacker successfully exploits this vulnerability, they can read a company's entire customer database, prospect information, supplier details and employee records, provided that a contact file exists within the system. Because no credentials are needed, any affected installation reachable from the internet is exposed. This vulnerability presents a significant risk to the confidentiality of sensitive business information.

Potential Exploitation by Ransomware Groups & Analysis:

Similar instances, such as the Clop ransomware group's mass exploitation of the MOVEit Transfer vulnerability, have demonstrated the potential for attackers to leverage vulnerabilities in popular software to launch devastating extortion and ransomware campaigns. Given the wide adoption* of Dolibarr ERP CRM, it is crucial for users to take immediate action to protect their systems and data. Our team have already seen evidence of the vulnerability details being circulated via the Dark Web, so it is likely that criminals will soon start taking advantage.

*Our team conducted some analysis of how widely the software is used. They concluded that, because of the software's extensive use, this exploit could become popular amongst hackers. See the figures below:

Our team detected 9,545 unique IP addresses exposing a Dolibarr installation that may be vulnerable to this issue.

Our analysis shows that the countries most affected by this vulnerability are:

  1. France
  2. United States
  3. Germany
  4. Indonesia
  5. Spain


What You And Your Customers Can Do: 

To safeguard your organisation and your clients’ organisations against this vulnerability, we recommend working through the following steps:

For insurance professionals and managed services providers:

  1. Scan your customers for cyber risk issues such as vulnerabilities and hacker chatter to determine if they could be at risk.
  2. Contact your customers and/or prospects to warn them of this potential issue so they can take steps to apply the latest updates.


For end user organisations:

1. Log File Analysis: Check your web server and Dolibarr log files for suspicious activity or unauthorised access attempts: requests to the Dolibarr installation from unfamiliar IP addresses, unusually large responses, or bulk access to customer and contact records outside normal working patterns. This will help in determining whether your system has already been compromised. Note that upgrading closes the hole but does not tell you whether data was taken before the upgrade, so do this review as well as the upgrade; if you find evidence of exploitation, treat the data held in the system as exposed.

2. Immediate Upgrade: Upgrade your Dolibarr ERP CRM installation to version 16.0.5 or a later release. If you cannot upgrade immediately, restrict network access to the installation (for example, place it behind a VPN or an IP allow-list) so that unauthenticated attackers on the internet cannot reach it. Regularly updating your software ensures that you benefit from the latest security fixes.

3. Security Best Practices: Implement robust security measures within your organisation, including multi-factor authentication, strong passwords and regular data backups. Be aware that these controls do not stop an unauthenticated vulnerability such as this one, because the attacker never logs in; only the upgrade (or removing the installation from the internet) does that. Educate employees about cybersecurity best practices and encourage them to follow strong password protocols and exercise caution when handling sensitive information.

4. Implement Risk Management or Risk Monitoring Software that includes Dark Web Monitoring: To safeguard yourself and your clients from cyberattacks, it's crucial to assess risk signals and vulnerabilities in advance. Our risk-management tool for businesses, Breach Defence, provides all the necessary resources to help prevent cyber threats. This includes educating employees, passive scans and continuous monitoring of the dark web. Additionally, our risk monitoring solution, Breach Check, enables you to evaluate your clients' or prospects' cyber risks ahead of time. This way, you can quickly identify any potential issues or gaps that could put them at risk.
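The two technical steps above, checking whether an installation is on an affected release and triaging the access log for signs of a bulk download, can be scripted. The example below is added here as an illustration and is not DynaRisk's tooling nor code from the Dolibarr project. It assumes that Dolibarr's installed release can be read from the `DOL_VERSION` constant in `htdocs/filefunc.inc.php`, that the web server writes Apache/nginx "combined" format access logs, and that the application lives under `/dolibarr/` on the server; the sample file fragment and log lines are constructed for the example, and the request paths in them are placeholders rather than the vulnerable endpoint. The version comparison follows this post's statement that releases older than 16.0.5 are affected.

```python
"""Added example: release check and access-log triage for the Dolibarr advisory.

1. Read the installed Dolibarr release from htdocs/filefunc.inc.php and
   compare it numerically against 16.0.5, the first release named as fixed.
2. Scan web-server access logs (Apache/nginx "combined" format) for
   unusually large successful responses served from under the Dolibarr
   path, which is what a bulk database dump looks like from the server side.
"""
import re
from collections import defaultdict

# Dolibarr records its release in htdocs/filefunc.inc.php as
#   define('DOL_VERSION', '16.0.4');
# The fragment below is constructed to mimic that file, not copied from it.
SAMPLE_FILEFUNC = """<?php
if (!defined('DOL_VERSION')) {
    define('DOL_VERSION', '16.0.4');
}
"""

FIXED_VERSION = (16, 0, 5)  # first release the advisory names as patched
# Accepts suffixed releases such as '16.0.4-rc' and keeps the numeric part.
VERSION_RE = re.compile(r"define\(\s*'DOL_VERSION'\s*,\s*'([0-9.]+)[^']*'\s*\)")


def parse_version(version: str) -> tuple:
    """'16.0.4' -> (16, 0, 4); pads to three parts so '16.0' < '16.0.5'.
    Numeric comparison matters: a string compare would put 16.0.10 < 16.0.5."""
    parts = [int(p) for p in version.split(".") if p.isdigit()]
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts[:3])


def dolibarr_version_from_filefunc(text: str) -> str:
    """Extract the DOL_VERSION string from the contents of filefunc.inc.php."""
    m = VERSION_RE.search(text)
    if not m:
        raise ValueError("DOL_VERSION not found in filefunc.inc.php contents")
    return m.group(1)


def is_vulnerable(version: str) -> bool:
    """True when the release is older than 16.0.5, the range this post names."""
    return parse_version(version) < FIXED_VERSION


# Apache/nginx combined log: ip ident user [ts] "METHOD path proto" status bytes ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) (?P<bytes>\d+|-)'
)

# Constructed sample log: ordinary interactive use from one address and a
# single very large 200 response served from the Dolibarr path to another.
# Paths are placeholders; the signal used here is response size, not the URL.
SAMPLE_LOG = """\
198.51.100.20 - - [10/Jun/2023:09:14:02 +0000] "GET /dolibarr/index.php HTTP/1.1" 200 18422 "-" "Mozilla/5.0"
198.51.100.20 - - [10/Jun/2023:09:14:05 +0000] "GET /dolibarr/societe/list.php HTTP/1.1" 200 64210 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Jun/2023:03:41:17 +0000] "GET /dolibarr/placeholder.php?x=1 HTTP/1.1" 200 41873920 "-" "python-requests/2.31"
203.0.113.7 - - [10/Jun/2023:03:41:19 +0000] "GET /dolibarr/placeholder.php?x=2 HTTP/1.1" 404 512 "-" "python-requests/2.31"
192.0.2.9 - - [10/Jun/2023:08:00:00 +0000] "GET /static/big.iso HTTP/1.1" 200 90000000 "-" "curl/8.0"
"""


def triage_access_log(lines, dolibarr_prefix="/dolibarr/", large_bytes=5_000_000):
    """Return {ip: summary} for source IPs that pulled at least one large
    successful response from under the Dolibarr path. Requests outside that
    path and lines that do not parse are ignored."""
    per_ip = defaultdict(lambda: {"requests": 0, "bytes": 0, "large": []})
    for line in lines:
        m = LOG_RE.match(line)
        if not m or not m["path"].startswith(dolibarr_prefix):
            continue
        size = 0 if m["bytes"] == "-" else int(m["bytes"])
        rec = per_ip[m["ip"]]
        rec["requests"] += 1
        rec["bytes"] += size
        if m["status"] == "200" and size >= large_bytes:
            rec["large"].append((m["ts"], m["path"], size))
    return {ip: rec for ip, rec in per_ip.items() if rec["large"]}


if __name__ == "__main__":
    ver = dolibarr_version_from_filefunc(SAMPLE_FILEFUNC)
    print(f"DOL_VERSION {ver}: {'UPGRADE REQUIRED' if is_vulnerable(ver) else 'patched'}")
    for ip, rec in triage_access_log(SAMPLE_LOG.splitlines()).items():
        print(ip, rec["requests"], "requests,", rec["bytes"], "bytes,", rec["large"])
```

On a real server, read `htdocs/filefunc.inc.php` from the installation directory and feed the live access log to `triage_access_log`, adjusting `dolibarr_prefix` to the path the application is served from. The size heuristic is a starting point for investigation, not a signature for the CVE: a dump may also be pulled in many smaller pages, so combine it with the per-IP request counts the function returns and with Dolibarr's own logs, and treat a hit as a reason to investigate rather than as confirmed compromise.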


The discovery of the vulnerability CVE-2023-33568 in Dolibarr ERP CRM software highlights the constant need for vigilance and proactive security measures. Cybercriminals actively exploit vulnerabilities in widely used software, making it imperative for companies to prioritise their own and their customers' security. 

If you’d like more information or advice on the above, or you’d like to learn more about how our software and cyber threat intelligence can help support you and your customers, get in touch with us: sales@dynarisk.com