2 min Security

1,800 networks at risk from new MOVEit vulnerability

1,800 networks at risk from new MOVEit vulnerability

MOVEit software contains a dangerous vulnerability. At least 1,800 networks are running these versions of the software. Safe versions are available but must be installed manually.

MOVEit contains another vulnerability that puts large parts of the Internet at risk for possible hacks. The software can be used to share and manage files across various protocols. The software is supposed to make file transfers secure by using encryption.

Security is now compromised by a vulnerability that allows hackers to access files without authenticating themselves. The problem presents itself in the MOVEit SFTP module. Earlier this week, Progress Software, the provider of MOVEit, disclosed the vulnerability. That immediately resulted in a wave of attempts to exploit the vulnerability, say researchers at Shadowserver on X.

The vulnerable versions are 2023.0.0 to 2023.0.11, 2023.1.0 to 2023.1.6 and 2024.0.0 to 2024.0.2. Progress Software believes it is better to install the latest version available. No patches have been released for the other versions.

Dent in secure image

The new vulnerability puts renewed pressure on the trust in the strong security of MOVEit software. This is mainly because vulnerabilities are widely exploitable, and this exploitation usually does not involve difficult attack techniques. Last year, the software contained a critical vulnerability that allowed sensitive data from 2,500 organizations to be accessed. The CL0P ransomware gang focused its activities in 2023 around the vulnerability.

The vulnerable versions are definitely running on 1,800 networks, according to Internet scans. More than half of these networks come from an American player. In Europe, however, more than 300 networks are also exploitable. The vulnerability again has the potential to create a large number of victims, but that depends mainly on organizations’ response time to update vulnerable versions.

Also read: How the MOVEit vulnerability has been making victims since May 2023