Security News > 2023 > March > Ransomware gangs are exploiting IBM Aspera Faspex RCE flaw (CVE-2022-47986)
Attackers are exploiting a critical vulnerability in the IBM Aspera Faspex centralized file transfer solution to breach organizations.
IBM Aspera Faspex is used by organizations to allow employees to quickly and securely exchange files with each other.
It affects IBM Aspera Faspex 4.4.2 Patch Level 1 and earlier, and allows arbitrary code execution.
The problem, according to Rapid7's security researcher Caitlin Condon, is that Aspera Faspex is typically installed on the network perimeter and - obviously - that some organizations haven't plugged this particular security hole when IBM first made patches available.
In early March, SentinelOne researchers spotted attackers wielding the IceFire ransomware hitting Linux boxes of organizations in Turkey, Iran, Pakistan, and the United Arab Emirates.
Enterprise admins are advised to upgrade their IBM Aspera Faspex server immediately and to look for - and act on - evidence of compromise.