Hackuity Comment: CISA adds critical vulnerability in MOVEit file transfer software
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability in Progress Software Corp.’s MOVEit file transfer software to its Known Exploited Vulnerabilities Catalog and reportedly ordered all federal agencies to patch their systems by June 23.
The vulnerability in the software, tracked as CVE-2023-34362, is being actively exploited by threat actors. An unauthenticated, remote attacker can exploit the vulnerability by sending a specially crafted SQL injection to a vulnerable MOVEit Transfer instance.
Sylvain Cortes, Hackuity VP Strategy & 17x Microsoft MVP comments:
"Reports of attackers actively exploiting a critical zero-day vulnerability in MOVEit Transfer’s database demand swift action. Remote threat actors can potentially gain unauthorised access and execute SQL statements to change or delete elements of the database. The main priority for organisations using this software now is the protection of data in their stored files. CISA has urged users to review the MOVEit Transfer Advisory, follow the mitigation steps, apply the necessary updates, and hunt for any malicious activity to protect their data by June 23 — if not before.
The majority of active vulnerability exploits can be prevented. To maximise preventative measures, organisations must develop routine vulnerability prioritisation to stay a step (or two) ahead of attackers. Consolidating all discoverable network vulnerabilities can create a clear view of your cyber risk in one place; now more than ever, organisations need to lean into always-on, automated Vulnerability Management to shrink the risk posed to business data, revenue, and reputation."