Progress Software has warned about a critical vulnerability in its popular file-transfer software, MOVEit, which could allow malicious actors to gain unauthorized access to customer networks.
The vulnerability (CVE-2023-34362) is being actively exploited by threat actors, leading to data theft from multiple organizations. It allows unauthorized access through a specially crafted SQL injection. Successful exploitation grants access to the affected MOVEit Transfer instance and potentially exposes information about the database structure and contents. The vulnerability affects both on-premises and cloud versions of MOVEit.
While Mandiant says it is investigating multiple intrusions related to this exploitation, Huntress reports that a small number of their customers are affected, with one experiencing a complete attack.
The attacker’s identity is presently unknown, and no extortion efforts have been made on the dark web utilizing the stolen material. But Progress Software has delivered updates for the impacted MOVEit versions and advised customers to deactivate web traffic to the software until the updates can be implemented to ensure network security.
The sources for this piece include an article in Axios.
