CyberSecurityBoard
Sponsor Register Login

Progress Discloses Two New Vulnerabilities in MOVEit Products

Progress Software has disclosed two fresh vulnerabilities in its MOVEit file transfer products.
The first is an authentication bypass affecting the MOVEit Transfer SFTP service in a default configuration.
It affects the Secure File Transfer Protocol service from version 2023.0.0 to 2023.0.11, 2023.1.0 to 2023.1.6 and 2024.0.0 to 2024.0.2.
The second is an SFTP-associated authentication bypass vulnerability affecting MOVEit Gateway from version 2024.0.0.
Both have been registered as high-severity flaws, with a CVSS score of 9.1.
Attackers could exploit these improper authentication vulnerabilities to bypass SFTP authentication and gain access to MOVEit Transfer and Gateway, said a Progress security advisory published on June 25.
Cybersecurity firm Rapid7 analyzed typical exploitation patterns in a recent blog post.
Rapid7 also observed that installers for the patched version of the MOVEit Transfer have been available on VirusTotal since at least June 11, 2024.
Vulnerability details and proof-of-concept exploit code are publicly available for CVE-2024-5806.
The Shadowserver Foundation has reported exploit attempts against its honeypots as of the evening of June 25.
Rapid7 recommended installing the patches provided by Progress for CVE-2024-5806 on an emergency basis, without waiting for a regular patch cycle.
This new incident comes months after a series of vulnerabilities in the MOVEit product range were detected, which led to numerous software attempted supply chain attacks in 2023, many of which were successful and impacted organizations worldwide.


This Cyber News was published on www.infosecurity-magazine.com. Publication date: Wed, 26 Jun 2024 19:10:06 +0000


Cyber News related to Progress Discloses Two New Vulnerabilities in MOVEit Products

MOVEit Transfer Flaws Push Security Defense Into a Race With Attackers - Attackers appear to be pounding away at a couple of critical bugs that Progress Software disclosed this week in its MOVEit file transfer application, with nearly the same ferocity as they did the zero-day flaw the company disclosed almost exactly a ...
9 months ago Darkreading.com CVE-2024-5806 CVE-2024-5805 CVE-2023-34362
MoveIt Transfer vulnerability targeted amid disclosure drama - Another vulnerability in Progress Software's MoveIt Transfer product is under attack amid an apparent leak of flaw. In security alerts published on Tuesday, Progress detailed two critical improper authentication vulnerabilities, one tracked as ...
9 months ago Techtarget.com CVE-2024-5806 CVE-2024-5805
Hackers target new MOVEit Transfer critical auth bypass bug - Threat actors are already trying to exploit a critical authentication bypass flaw in Progress MOVEit Transfer, less than a day after the vendor disclosed it. MOVEit Transfer is a managed file transfer solution used in enterprise environments to ...
9 months ago Bleepingcomputer.com CVE-2024-5806 CVE-2024-5805 Black Basta
Progress Discloses Two New Vulnerabilities in MOVEit Products - Progress Software has disclosed two fresh vulnerabilities in its MOVEit file transfer products. The first is an authentication bypass affecting the MOVEit Transfer SFTP service in a default configuration. It affects the Secure File Transfer Protocol ...
9 months ago Infosecurity-magazine.com CVE-2024-5806
MOVEit victim count latest: 2.6K+ orgs, 77M+ people The Register - Quick show of hands: whose data hasn't been stolen in the mass exploitation of Progress Software's vulnerable MOVEit file transfer application? Anyone? According to security shop Emsisoft, 2,620 organizations and more than 77 million individuals have ...
1 year ago Theregister.com
Microsoft SFI progress report elicits cautious optimism | TechTarget - "After a year, it looks like Microsoft has made some smart and substantive initial progress in elevating security across the whole organization: investment in security-focused head count, inclusion of security into performance reports across the ...
6 months ago Techtarget.com
Auto parts giant AutoZone warns of MOVEit data breach - AutoZone is warning tens of thousands of its customers that it suffered a data breach as part of the Clop MOVEit file transfer attacks. AutoZone is the leading retailer and distributor of automotive spare parts and accessories in the U.S., operating ...
1 year ago Bleepingcomputer.com
CVE-2023-40043 - ...
1 year ago
CVE-2023-6217 - ...
8 months ago
Week in review: MOVEit auth bypass flaws quitely fixed, open-source Rafel RAT targets Androids - Progress quietly fixes MOVEit auth bypass flawsProgress Software has patched one critical and one high-risk vulnerability in MOVEit, its widely used managed file transfer software product. Open-source Rafel RAT steals info, locks Android devices, ...
9 months ago Helpnetsecurity.com LockBit
Vulnerability Summary for the Week of November 27, 2023 - PrimaryVendor - Product apple - multiple products Description A memory corruption vulnerability was addressed with improved locking. Published 2023-12-01 CVSS Score not yet calculated Source & Patch Info CVE-2023-48842 PrimaryVendor - Product dell - ...
1 year ago Cisa.gov CVE-2023-48842 CVE-2023-43089 CVE-2023-39226 CVE-2023-46690 CVE-2023-47207 CVE-2023-46886 CVE-2023-48882 CVE-2023-49656 CVE-2023-28896 CVE-2023-48016 CVE-2023-49092 CVE-2023-2266 CVE-2023-2267 CVE-2023-31177 CVE-2023-34388 CVE-2023-34389 CVE-2023-48848 CVE-2023-4398
MOVEit Hackers Accessed 632,000 Email Addresses at Defense, DOJ - The report, by the US Office of Personnel Management, provides new details about a cyberattack in which hackers exploited flaws in MOVEit, a popular file-transfer tool. Federal cybersecurity officers previously confirmed that government agencies were ...
1 year ago Bloomberg.com
Delta Dental of California Discloses Data Breach Impacting 6.9 Million People - Dental insurance giant Delta Dental of California is informing more than 6.9 million individuals that their personal information was compromised as result of the MOVEit hacking incident. In notification letters it started sending out last week to the ...
1 year ago Securityweek.com
Microsoft Patch Tuesday 2024: 49 Vulnerabilities are fixed - Microsoft released its first patch on Tuesday, 2024, in which nearly 49 vulnerabilities have been fixed in Microsoft products and 5 vulnerabilities in non-Microsoft products. Among these 49 vulnerabilities, there were 12 remote code execution ...
1 year ago Cybersecuritynews.com CVE-2024-20674 CVE-2024-20700 CVE-2024-0057
CVE-2023-35036 - In Progress MOVEit Transfer before 2021.0.7 (13.0.7), 2021.1.5 (13.1.5), 2022.0.5 (14.0.5), 2022.1.6 (14.1.6), and 2023.0.2 (15.0.2), SQL injection vulnerabilities have been found in the MOVEit Transfer web application that could allow an ...
1 year ago
CVE-2023-36932 - In Progress MOVEit Transfer before 2020.1.11 (12.1.11), 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8), and 2023.0.4 (15.0.4), multiple SQL injection vulnerabilities have been identified in the MOVEit Transfer web ...
1 year ago
Ivanti discloses new zero-day flaw, releases delayed patches - Ivanti Wednesday released patches for two critical zero-day vulnerabilities that were disclosed earlier this month, but also warned customers of two new flaws, including a new zero-day that's under exploitation in the wild. In a security advisory on ...
1 year ago Techtarget.com CVE-2023-46805 CVE-2024-21887 CVE-2024-21888 CVE-2024-21893
CVE-2023-35708 - In Progress MOVEit Transfer before 2021.0.8 (13.0.8), 2021.1.6 (13.1.6), 2022.0.6 (14.0.6), 2022.1.7 (14.1.7), and 2023.0.3 (15.0.3), a SQL injection vulnerability has been identified in the MOVEit Transfer web application that could allow an ...
1 year ago
CVE-2023-36934 - In Progress MOVEit Transfer before 2020.1.11 (12.1.11), 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8), and 2023.0.4 (15.0.4), a SQL injection vulnerability has been identified in the MOVEit Transfer web application that ...
1 year ago
CVE-2023-42660 - ...
1 year ago
Data Breaches in US Schools Exposed 37.6M Records - Since 2005, educational institutions in the United States have experienced 3713 data breaches, impacting over 37.6m records. According to new data by Comparitech, 2023 marked a record year, with 954 breaches recorded - a dramatic rise from 139 in ...
11 months ago Infosecurity-magazine.com
MongoDB issues weekend warning of breach The Register - Critical vulnerabilities: The not-patch-Tuesday list. As is usually the case this time of month, the most pressing vulnerabilities of recent days were revealed/patched in Patch Tuesday releases. CVSS 9.8 - So many CVEs: Siemens SIMATIC S7-1500 CPU ...
1 year ago Go.theregister.com CVE-2023-6448 Hunters
Exploit for critical Progress Telerik auth bypass released, patch now - Researchers have published a proof-of-concept exploit script demonstrating a chained remote code execution vulnerability on Progress Telerik Report Servers. The Telerik Report Server is an API-powered end-to-end encrypted report management solution ...
9 months ago Bleepingcomputer.com CVE-2024-4358 CVE-2024-1800
Blue Shield of California members' Social Security numbers, other data stolen - Sensitive data from Blue Shield of California vision policy holders - including Social Security numbers, birth dates and addresses - may be among confidential patient information accessed by criminal hackers, the Oakland-based health insurance giant ...
1 year ago Siliconvalley.com
Oracle’s First Security Update for 2023 Includes 327 New Patches - Oracle has released its first security update of 2023, delivering 327 new security fixes and patching a range of critical vulnerabilities. This update covers products spanning across Oracle’s Cloud portfolio, Fusion Middleware, Hyperion, E-Business ...
2 years ago Securityweek.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)