Critical MOVEit Transfer Vulnerability Updates
Progress Software discovered a critical SQL injection vulnerability (CVE-2023-34362) on May 31st in the MOVEit Transfer software which allowed unauthorized access to the Transfer environment and escalated privileges. As of June 5th, updates and patches for this incident have been provided. All versions of MOVEit Transfer are affected by this vulnerability, so immediate remediation steps should be taken.
Progress Software provides the following remediation steps to help protect against this vulnerability:
- Disable all HTTP and HTTPs traffic to your MOVEit Transfer environment.
- Administrators should review, delete, and/or reset any unauthorized files, accounts, and credentials.
- Review and download the appropriate patch(es) directly from Progress Software’s website.
- Verify that unauthorized files and accounts have been successfully deleted.
- Enable all HTTP and HTTPs traffic to your MOVEit Transfer environment.
- Continue to monitor network, endpoints, and logs for IoCs (Indicators of Compromise).
How we help
Our cybersecurity and risk services can help organizations strengthen their line of defense against phishing attacks and other destructive cybercrime tactics.
- Aponix Protect™ to build a comprehensive cybersecurity and technology risk management program tailored to your business needs.
- Business impact analysis and business continuity plans complete with robust policies, plans, and procedures to better protect your company from data breaches and efficiently recover from a cyber incident or significant business disruption.
- Risk assessments to identify and remediate gaps in a firm’s current cybersecurity and regulatory state, as well as figure out how a firm stands up against existing frameworks (SOC, PCI, NIST).
- Staff training and threat monitoring to educate on industry best practices, cyber trends, and emerging threats.
- Vulnerability and penetration testing to reduce the risk of financial, operational, and reputational losses that can result from a breach.
For questions about this alert, or to find out more about our services, please reach out to your ACA account executive or contact us.