Security News > 2023 > June > PoC exploit for exploited MOVEit vulnerability released (CVE-2023-34362)
As more victim organizations of Cl0p gang's MOVEit rampage continue popping up, security researchers have released a PoC exploit for CVE-2023-34362, the RCE vulnerability exploited by the Cl0p cyber extortion group to plunder confidential data.
Rapid7 has released an analysis of the vulnerability and a full exploit chain for CVE-2023-34362.
Organizations using on-prem MOVEit Transfer or the cloud service should check for evidence of compromise and data theft.
Transport for London told the BBC that one of its contractors had suffered a data breach, and that the stolen data did not include banking details or passenger data.
"No financial information was included in any of the files in this data breach. To date there have been no ransom demands nor is MDE aware that the data has been shared or posted online."
Ryan McConechy, CTO at Barrier Networks, told Help Net Security that with confidential data belonging to Ofcom now in the hands of criminals, these individuals and organizations will be at a heightened risk of phishing scams.
News URL
https://www.helpnetsecurity.com/2023/06/13/cve-2023-34362-exploit/
Related news
- LDAPNightmare PoC Exploit Crashes LSASS and Reboots Windows Domain Controllers (source)
- Mirai Botnet Variant Exploits Four-Faith Router Vulnerability for DDoS Attacks (source)
- Hackers Exploit Aviatrix Controller Vulnerability to Deploy Backdoors and Crypto Miners (source)
- Cisco warns of denial of service flaw with PoC exploit code (source)
- Cisco fixes ClamAV vulnerability with available PoC and critical Meeting Management flaw (source)
- CISA Warns of Active Exploits Targeting Trimble Cityworks Vulnerability (source)
- Researchers Find New Exploit Bypassing Patched NVIDIA Container Toolkit Vulnerability (source)
- SonicWall firewall bug leveraged in attacks after PoC exploit release (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-02 | CVE-2023-34362 | SQL Injection vulnerability in Progress Moveit Cloud and Moveit Transfer In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022.1.5 (14.1.5), and 2023.0.1 (15.0.1), a SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain access to MOVEit Transfer's database. | 9.8 |