Update - June 12, 2023: According to MOVEit, there are additional vulnerabilities (CVEs pending MITRE) that a bad actor could potentially use to stage an exploit. These vulnerabilities are SQL injection issues, and exploitation could result in modification, deletion and/or disclosure of MOVEit database content. These newly discovered vulnerabilities are distinct from the previously reported vulnerability that MOVEit shared on May 31, 2023. It's important to note that, unlike the previous zero day, these vulnerabilities were discovered as part of an internal code audit. Currently, there is no known exploitation of these vulnerabilities. At this time, MOVEit is recommending that all MOVEit Transfer customers apply the new patch, released on June 9, 2023. Please refer to MOVEit's full advisory here for next steps.

On May 31, threat actors were discovered targeting a critical zero day in MOVEit Transfer software, resulting in escalated privileges and unauthorized data access. The vulnerability being exploited is an SQL injection and has since been patched. Resource links, including one for the patch, are at the bottom of this post.

MOVEit Transfer is a managed file transfer (MFT) solution developed by Ipswitch (a subsidiary of Progress Software). Those of you who have been around IT for a stretch might remember Ipswitch's popular FTP software (WS_FTP). MOVEit Transfer is used by organizations to securely transfer files for business partners and customers.

All MOVEit Transfer versions are affected by this vulnerability. As of June 2nd, Shodan searches for public-facing MOVEit instances show over 500 systems that directly have MOVEit in the service headers and over 2,500 systems using the MOVEit favicon (which suggests the system is using MOVEit even if the service headers don't show that, although it equally suggests any of the other services that Progress Software offers).