
Researchers have uncovered a serious security vulnerability in Progress Software's MOVEit Transfer. The flaw could allow privilege escalation and, potentially, unauthorized access to the environment.
The newly identified defect, tracked as CVE-2023-35708, is an SQL injection vulnerability. Such vulnerabilities can serve as a path to escalated privileges, enabling potential unauthorized access to the user environment.
In response to the disclosure, Progress took the step of suspending HTTPS traffic for MOVEit Cloud. "We implore all MOVEit Transfer patrons to promptly terminate their HTTP and HTTPS traffic. This preemptive action is essential to fortifying their environments while we diligently work towards the finalization of a remedial patch," according to a Progress statement.
As of now no patch is available for the flaw; Progress recommends a temporary change to firewall rules:
- Deny HTTP and HTTPS traffic to MOVEit Transfer on ports 80 and 443. User access via the web UI will be interrupted; file transfers will continue to work because the SFTP and FTPS protocols remain operational.
- Administrators retain the option to access MOVEit Transfer via the Windows server by connecting remotely and navigating to https://localhost/.
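The firewall mitigation above expressed as Windows Firewall rules, as an added example that is not part of the original post or of Progress's guidance. It assumes MOVEit Transfer runs on a Windows server with the built-in NetSecurity module; the rule names are chosen here for illustration.

```powershell
# Added example: temporarily block inbound HTTP/HTTPS to a MOVEit Transfer
# host until a patch for CVE-2023-35708 is applied. Rule names are
# illustrative (assumption), not a Progress-defined convention.
$RuleName = 'MOVEit-Temp-Block-HTTP-HTTPS'

# Block inbound TCP 80 and 443 on every profile. SFTP (TCP 22) and FTPS
# ports are untouched, so file transfers keep working; Windows Firewall
# does not filter loopback traffic, so https://localhost/ still works for
# administrators logged on to the server itself.
New-NetFirewallRule -DisplayName $RuleName `
    -Direction Inbound -Protocol TCP -LocalPort 80,443 `
    -Action Block -Profile Any -Enabled True | Out-Null

# Verify the rule is present, enabled and blocking the expected ports.
$rule = Get-NetFirewallRule -DisplayName $RuleName
$port = $rule | Get-NetFirewallPortFilter
if ($rule.Enabled -eq 'True' -and $rule.Action -eq 'Block' -and
    ($port.LocalPort -contains '80') -and ($port.LocalPort -contains '443')) {
    Write-Host "Mitigation active: inbound 80/443 blocked by '$RuleName'"
} else {
    Write-Warning "Rule '$RuleName' is not in the expected state; check manually"
}

# Once the vendor patch is installed, remove the temporary rule:
#   Remove-NetFirewallRule -DisplayName 'MOVEit-Temp-Block-HTTP-HTTPS'
```

Run from an elevated PowerShell session on the MOVEit Transfer server; the block is intended only as a stopgap until the patch is applied.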
The exposure to potential exploitation via CVE-2023-35708 surfaces just a week after Progress disclosed a separate set of SQL injection vulnerabilities, tracked as CVE-2023-35036. Those vulnerabilities reportedly posed a substantial risk of unauthorized access to the application's database content.
Joining the roster is CVE-2023-34362, a notorious vulnerability exploited as a zero-day by the Clop ransomware syndicate in data theft onslaughts.
Analysis indicates that the Cl0p ransomware gang is already adding many big names to its victim list, as detailed in an earlier post.
Stay tuned for further updates and preventative measures concerning this critical security flaw as Progress works tirelessly towards a resolution.