Security News > 2023 > June > It’s time to patch your MOVEit Transfer solution again!

It’s time to patch your MOVEit Transfer solution again!
2023-06-12 13:33

Progress Software customers who use the MOVEit Transfer managed file transfer solution might not want to hear it, but they should quickly patch their on-prem installations again: With the help of researchers from Huntress, the company has uncovered additional SQL injection vulnerabilities that could potentially be used by unauthenticated attackers to grab data from the web application's database.

"The investigation is ongoing, but currently, we have not seen indications that these newly discovered vulnerabilities have been exploited," the company said, and confirmed that they've "Deployed a new patch to all MOVEit Cloud clusters to address the new vulnerabilities."

On May 31, Progress warned about the active exploitation of CVE-2023-34362, an zero-day vulnerability that has been exploited to hit a variety of organizations during the Memorial Day weekend.

"Kroll's initial analysis of clients impacted by the MOVEit Transfer vulnerability indicated a broad swath of activity associated with the vulnerability on or around May 27 and 28, 2023, just days prior to Progress Software's public announcement of the vulnerability on May 31, 2023," the company said.

"Kroll assesses with high confidence that the MOVEit Transfer exploit as it exists today was available and being used/tested in April 2022, and was available and being used/tested in July 2021," the company noted.

"This finding illustrates the sophisticated knowledge and planning that go into mass exploitation events such as the MOVEit Transfer cyberattack. According to these observations, the Clop threat actors potentially had an exploit for the MOVEit Transfer vulnerability prior to the GoAnywhere MFT secure file transfer tool exploitation in February 2023 but chose to execute the attacks sequentially instead of in parallel."


News URL

https://www.helpnetsecurity.com/2023/06/12/moveit-patch-again/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2023-06-02 CVE-2023-34362 SQL Injection vulnerability in Progress Moveit Cloud and Moveit Transfer
In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022.1.5 (14.1.5), and 2023.0.1 (15.0.1), a SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain access to MOVEit Transfer's database.
network
low complexity
progress CWE-89
critical
9.8