
MOVEit Transfer Experiences Yet Another Critical Data-Theft Vulnerability


Another SQL injection vulnerability has been found in Progress Software’s MOVEit Transfer, the fourth flaw of its kind disclosed in little more than a month. The bug, tracked as CVE-2023-36934, is distinct from the zero-day that the Cl0p ransomware gang exploited at the end of May. Like that earlier bug, it is reachable without authentication and could let an attacker gain access to the MOVEit Transfer database and, as in the Cl0p campaign, go on to deploy malware, manipulate files or steal data.

According to the advisory released by Progress, “An attacker could submit a crafted payload to a MOVEit Transfer application endpoint which could result in modification and disclosure of MOVEit database content.” Progress reports no sign of in-the-wild exploitation so far. Nevertheless, given the severity, users are strongly advised to apply the patch as soon as possible. Two other high-severity vulnerabilities were disclosed at the same time and are fixed by the same release: CVE-2023-36932, a further SQL injection flaw that requires an authenticated user, and CVE-2023-36933, an unhandled-exception bug that can crash the MOVEit Transfer application.
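The advisory describes the bug class only in general terms (a crafted payload reaching an endpoint and altering or disclosing database content). The following is an added example, written for this page and unrelated to MOVEit's own code or endpoints, that shows the underlying mechanism with a constructed SQLite table: one query built by string concatenation, which a single quote in the input can reshape to read every row or rewrite every row, beside the same query with bound parameters, which the same payload cannot bend.

```python
import sqlite3

# Constructed sample data standing in for a file-transfer app's metadata
# store. Not MOVEit's schema; any resemblance is illustrative only.
ROWS = [
    ("alice", "q3-forecast.xlsx"),
    ("bob", "payroll.csv"),
    ("carol", "board-minutes.docx"),
]

# A payload of the "tautology" kind: the leading quote closes the string
# literal and the OR clause makes the WHERE condition true for every row.
PAYLOAD = "alice' OR '1'='1"


def make_db():
    """Fresh in-memory database populated with the constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE files (owner TEXT, name TEXT)")
    conn.executemany("INSERT INTO files VALUES (?, ?)", ROWS)
    conn.commit()
    return conn


def list_files_vulnerable(conn, owner):
    """Untrusted input spliced straight into the statement text."""
    sql = f"SELECT owner, name FROM files WHERE owner = '{owner}'"
    return conn.execute(sql).fetchall()


def list_files_hardened(conn, owner):
    """Same query with a bound parameter: the value travels separately from
    the statement, so quotes inside it can never change the query's shape."""
    return conn.execute(
        "SELECT owner, name FROM files WHERE owner = ?", (owner,)
    ).fetchall()


def rename_file_vulnerable(conn, owner, old, new):
    """Disclosure is not the only outcome; an injected WHERE clause on an
    UPDATE rewrites every row. Returns the number of rows changed."""
    sql = (f"UPDATE files SET name = '{new}' "
           f"WHERE owner = '{owner}' AND name = '{old}'")
    cur = conn.execute(sql)
    conn.commit()
    return cur.rowcount


def rename_file_hardened(conn, owner, old, new):
    cur = conn.execute(
        "UPDATE files SET name = ? WHERE owner = ? AND name = ?",
        (new, owner, old),
    )
    conn.commit()
    return cur.rowcount


def demo():
    """Run the four variants and return their results for inspection."""
    conn = make_db()
    results = {
        "normal": list_files_vulnerable(conn, "alice"),
        "vuln_with_payload": list_files_vulnerable(conn, PAYLOAD),
        "hardened_with_payload": list_files_hardened(conn, PAYLOAD),
    }
    # Fresh table for the write path so the read results above are unaffected.
    conn = make_db()
    results["vuln_rename_rows"] = rename_file_vulnerable(
        conn, "alice", "x' OR '1'='1", "renamed")
    conn = make_db()
    results["hardened_rename_rows"] = rename_file_hardened(
        conn, "alice", "x' OR '1'='1", "renamed")
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

With the payload, the vulnerable SELECT returns all three rows instead of Alice's one, and the vulnerable UPDATE renames all three files (AND binds tighter than OR, so the injected `OR '1'='1'` wins). The parameterized versions return and change nothing for the same input, because the quote is data, not syntax.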

The affected versions of MOVEit Transfer include 12.1.10 and earlier, 13.0.8 and earlier, 13.1.6 and earlier, 14.0.6 and earlier, 14.1.7 and earlier, and 15.0.3 and earlier. Users of these versions are strongly encouraged to update their software to the latest patched version to mitigate the risk.
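Deciding whether an installation falls inside that list is a matter of comparing the patch number within its release branch. The script below is an added example (not Progress's tooling) that encodes the six "and earlier" ceilings from the advisory and classifies a version string. The year-style product names (2023.0.x for 15.0.x and so on) are an assumed mapping added for convenience, and a fourth, build-level component is ignored.

```python
"""Triage a MOVEit Transfer version string against the affected builds listed
for CVE-2023-36934. Added example; thresholds taken from the advisory text."""

# Highest affected patch level per release branch ("X.Y.Z and earlier").
AFFECTED_CEILING = {
    (12, 1): 10,
    (13, 0): 8,
    (13, 1): 6,
    (14, 0): 6,
    (14, 1): 7,
    (15, 0): 3,
}

# Assumed mapping from Progress's year-based product names to the internal
# major number, so either form of the version can be checked.
YEAR_TO_MAJOR = {2020: 12, 2021: 13, 2022: 14, 2023: 15}


def parse_version(text):
    """Return (major, minor, patch) from '15.0.3', '15.0.3.17' or '2023.0.3'."""
    parts = [int(p) for p in text.strip().split(".")]
    if len(parts) < 3:
        raise ValueError(f"need at least major.minor.patch, got {text!r}")
    major, minor, patch = parts[:3]  # any trailing build component is ignored
    major = YEAR_TO_MAJOR.get(major, major)
    return major, minor, patch


def assess(text):
    """Classify one version: 'affected', 'patched' or 'unlisted'.

    'unlisted' means the branch does not appear in the advisory at all
    (for example a release older than 12.1); that is not a clean bill of
    health and should be checked against vendor support status."""
    major, minor, patch = parse_version(text)
    ceiling = AFFECTED_CEILING.get((major, minor))
    if ceiling is None:
        return "unlisted"
    return "affected" if patch <= ceiling else "patched"


def triage(versions):
    """Map each version string in an inventory to its classification."""
    return {v: assess(v) for v in versions}


if __name__ == "__main__":
    # Constructed inventory for demonstration.
    for version, verdict in triage(
        ["15.0.3", "15.0.4", "2023.0.4", "14.1.7.0", "12.0.5"]
    ).items():
        print(f"{version:>10}  {verdict}")
```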

This latest SQL injection bug is not an isolated incident. Since late May, three other SQL injection vulnerabilities have been disclosed in MOVEit Transfer: CVE-2023-34362, the zero-day that Cl0p exploited and that was discovered over the Memorial Day weekend, followed in June by CVE-2023-35036 and CVE-2023-35708.

The Cl0p extortion campaign built on that first flaw continues to grow. The gang claims more than 200 victim organizations, including government agencies, and the count keeps rising because compromised third-party vendors expose their downstream customers in turn.

In response to the steady stream of flaws in its software, Progress has said it will ship MOVEit product updates every two months going forward, so that security fixes reach customers on a predictable schedule rather than only when a new bug forces an out-of-band release.

Given how quickly the earlier MOVEit flaws were weaponized, MOVEit Transfer customers should treat this as an urgent patch: update to the fixed build for their release branch without delay and, because the product has now had four SQL injection bugs in as many weeks, check logs and database activity for signs of earlier compromise rather than assuming the new patch closes the matter.


In conclusion, yet another SQL injection vulnerability in Progress Software’s MOVEit Transfer underlines how hard it is to keep an internet-facing file-transfer system secure, and how much timely patching and disciplined security practice matter against threats that move as fast as the Cl0p campaign has.
