Public companies using the MOVEit Transfer application, a file transfer solution by Progress Software, are on high alert after the discovery of new SQL injection vulnerabilities. These vulnerabilities could provide an entry point for unauthorised access to sensitive information, highlighting a serious security concern.
SQL Injection Vulnerabilities
The company issued an advisory on June 9, 2023, stating that “Multiple SQL injection vulnerabilities have been identified in the MOVEit Transfer web application that could enable an unauthenticated attacker to manipulate and expose MOVEit database content through a crafted payload submission.”
Every version of the product is susceptible to these vulnerabilities. Patches have been released for MOVEit Transfer versions 2021.0.7 (13.0.7), 2021.1.5 (13.1.5), 2022.0.5 (14.0.5), 2022.1.6 (14.1.6), and 2023.0.2 (15.0.2). MOVEit Cloud instances are now completely patched.
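An added triage helper (not Progress Software's code) that checks an inventory of MOVEit Transfer build strings against the fixed releases listed above: it accepts either numbering scheme the advisory uses (2023.0.2 or 15.0.2), derives the year-to-internal mapping from the paired numbers rather than assuming it, and flags branches for which the advisory lists no fix. The `triage` inventory format and any host names are assumptions for illustration.

```python
# Fixed releases named in the June 9, 2023 advisory: marketing version -> internal version.
FIXED_RELEASES = {
    "2021.0.7": "13.0.7",
    "2021.1.5": "13.1.5",
    "2022.0.5": "14.0.5",
    "2022.1.6": "14.1.6",
    "2023.0.2": "15.0.2",
}

def parse_version(text):
    """'2023.0.2' or '15.0.2' -> (major, minor, patch) as ints."""
    parts = text.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised MOVEit Transfer version: {text!r}")
    return tuple(int(p) for p in parts)

# Year-style major (2021..2023) -> internal major (13..15), derived from the
# paired numbers in the advisory rather than assumed.
YEAR_TO_INTERNAL = {parse_version(m)[0]: parse_version(i)[0]
                    for m, i in FIXED_RELEASES.items()}
# Branch (internal major, minor) -> the fixed build on that branch.
FIXED_BY_BRANCH = {parse_version(i)[:2]: parse_version(i)
                   for i in FIXED_RELEASES.values()}

def normalise(text):
    """Map either numbering scheme onto the internal 13.x/14.x/15.x scheme."""
    major, minor, patch = parse_version(text)
    return (YEAR_TO_INTERNAL.get(major, major), minor, patch)

def assess(installed):
    """Return 'patched', 'vulnerable' or 'unknown-branch' for one build string.
    'unknown-branch': the advisory lists no fix for that branch, and since it
    says every version is affected, such hosts still need attention."""
    v = normalise(installed)
    fixed = FIXED_BY_BRANCH.get(v[:2])
    if fixed is None:
        return "unknown-branch"
    return "patched" if v >= fixed else "vulnerable"

def triage(inventory):
    """inventory: {host: build string} -> {host: status}; bad strings -> 'unparseable'."""
    result = {}
    for host, build in inventory.items():
        try:
            result[host] = assess(build)
        except ValueError:
            result[host] = "unparseable"
    return result
```

Feed `triage` a dict such as `{"mft-01": "2023.0.2", "mft-02": "15.0.1"}` (constructed values) and act on every host not reported as `patched`.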
The cybersecurity company Huntress is credited with identifying these vulnerabilities during a code review. Progress Software assures that, to their knowledge, there have been no exploitations of these new flaws so far.
Previous MOVEit Transfer Vulnerability Exploitation
A MOVEit Transfer vulnerability, identified as CVE-2023-34362, had previously seen severe exploitation, allowing attackers to drop web shells on targeted systems. The Cl0p ransomware gang, notorious for data theft campaigns and exploiting zero-day bugs, has been linked to these activities.
Extortion Threats
The Cl0p group has also been issuing threats to companies affected by these vulnerabilities, warning that if they do not establish contact by June 14, 2023, their stolen information will be publicly disclosed on the group's data leak site.
The exploitation of the MOVEit Transfer vulnerabilities should be a wake-up call for all enterprises to ensure their systems are updated regularly to counter such threats. The significance of these events calls for improved cybersecurity measures, as a breach could lead to devastating results.