Security News > 2023 > June > Zero-day MOVEit Transfer vulnerability exploited in the wild, heavily targeting North America
MOVEit is managed file transfer software from Progress, an application development and digital experience technologies provider.
Aspx is the native file used by MOVEit Transfer for its web interface.
Microsoft has confirmed the exploitation of this vulnerability via Twitter, attributing attacks exploiting the CVE-2023-34362 MOVEit Transfer zero-day vulnerability to Lace Tempest, a threat actor known for ransomware operations and running the Clop extortion site.
This threat actor exploited a vulnerability in another File Transfer Manager software, GoAnywhere, earlier this year.
Aspx file in the wwwroot folder of their MOVEit Transfer software.
In the case where administrators of the MOVEit Transfer software enabled logging, a Windows Event File C:WindowsSystem32winevtLogsMOVEit.
News URL
https://www.techrepublic.com/article/zero-day-moveit-vulnerability/
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-06-02 | CVE-2023-34362 | SQL Injection vulnerability in Progress Moveit Cloud and Moveit Transfer In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022.1.5 (14.1.5), and 2023.0.1 (15.0.1), a SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain access to MOVEit Transfer's database. | 9.8 |