A vulnerability in Progress’ managed file transfer service MOVEit is currently being actively exploited. U.S. cybersecurity regulator CISA is calling for patching as soon as possible.
MOVEit is designed for compliant sharing of sensitive data. To that end, the service can automate and manage complex file-transfer workflows and provides real-time visibility into all file-transfer activity.
In addition, the service transfers files over secure protocols such as FTPS, HTTPS and SFTP and encrypts data both at rest and in transit.
SQL injection vulnerability
The recently discovered vulnerability, CVE-2023-34362, allows attackers to compromise a MOVEit Transfer instance with a specially crafted SQL injection. This gives them access to the database currently in use, for example MySQL, Microsoft SQL Server or Azure SQL, and the attacker could potentially derive information about the structure and content of that database.
Both the on-prem and cloud versions of MOVEit are affected by the vulnerability.
Active exploitation and patch available
According to U.S. regulator CISA, the vulnerability is being actively exploited, and CISA is directing U.S. government agencies to patch as soon as possible.
Progress has since released a security update for the vulnerability. Alongside the update, the vendor provides remediation guidance and patches for the different supported versions of the file-transfer service.