MOVEit Transfer customers warned to patch new critical flaw

MOVEit Transfer, the managed file transfer software at the center of the Clop ransomware gang's recent mass data-theft spree, has received an update that fixes a critical-severity SQL injection bug and two high-severity vulnerabilities.

SQL injection vulnerabilities let an attacker smuggle SQL syntax into a query that the application builds from user-supplied input, so the database executes statements the developer never intended. Depending on the query and the database engine, that can mean reading, modifying or deleting data, and in some configurations running commands on the database host. The root cause is the application concatenating untrusted input into the query text instead of passing it as a bound parameter; ad-hoc input filtering is not a reliable substitute.
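The following is an added example, not code from the article or from MOVEit Transfer, that shows the root cause described above on a small constructed SQLite table (a hypothetical users table, not MOVEit's schema). The vulnerable lookup builds the query by string formatting, so a tautology payload returns every row and a UNION payload discloses the database schema; the parameterized lookup treats the same payloads as plain data.

```python
import sqlite3

# Constructed sample data for the demo; this is not MOVEit Transfer's schema.
SAMPLE_USERS = [("alice", "hash-a"), ("bob", "hash-b")]


def build_db():
    """Create an in-memory SQLite database with a small users table."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password_hash TEXT)"
    )
    conn.executemany(
        "INSERT INTO users (username, password_hash) VALUES (?, ?)", SAMPLE_USERS
    )
    conn.commit()
    return conn


def lookup_vulnerable(conn, username):
    """BAD: untrusted input is spliced directly into the SQL text."""
    sql = f"SELECT username, password_hash FROM users WHERE username = '{username}'"
    return conn.execute(sql).fetchall()


def lookup_parameterized(conn, username):
    """GOOD: the value is bound as a parameter and can never become SQL syntax."""
    return conn.execute(
        "SELECT username, password_hash FROM users WHERE username = ?", (username,)
    ).fetchall()


# Classic tautology: the WHERE clause becomes always-true and every row comes back.
TAUTOLOGY = "' OR '1'='1"

# UNION-based disclosure: appends the schema catalogue to the result set and
# comments out the closing quote the application adds after the input.
SCHEMA_DUMP = "' UNION SELECT name, sql FROM sqlite_master --"


if __name__ == "__main__":
    conn = build_db()
    print("vulnerable, tautology:", lookup_vulnerable(conn, TAUTOLOGY))
    print("vulnerable, schema dump:", lookup_vulnerable(conn, SCHEMA_DUMP))
    print("parameterized, tautology:", lookup_parameterized(conn, TAUTOLOGY))
    print("parameterized, schema dump:", lookup_parameterized(conn, SCHEMA_DUMP))
    print("parameterized, real user:", lookup_parameterized(conn, "alice"))
```

The fix is not escaping quotes in the input but keeping data and query text separate: with a bound parameter the database driver never parses the payload as SQL, so both injection strings simply match no user.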

Progress, the developer of MOVEit Transfer, disclosed multiple SQL injection problems in the product, including a critical one tracked as CVE-2023-36934 that can be exploited without authentication.

“An SQL injection vulnerability has been identified in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain unauthorized access to the MOVEit Transfer database,” reads Progress’s security bulletin.

“An attacker could submit a crafted payload to a MOVEit Transfer application endpoint which could result in modification and disclosure of MOVEit database content” - MOVEit Transfer advisory

The second SQL injection flaw, CVE-2023-36932, is rated high rather than critical because exploiting it requires an authenticated account.

The two SQL injection security issues impact multiple versions of MOVEit Transfer, including 12.1.10 and older, 13.0.8 and older, 13.1.6 and older, 14.0.6 and older, 14.1.7 and older, and 15.0.3 and older.

A third vulnerability addressed by this patch is CVE-2023-36933, a high-severity denial-of-service issue: an attacker can trigger an unhandled exception that causes the MOVEit Transfer application to terminate unexpectedly.

This flaw impacts MOVEit Transfer versions 13.0.8 and older, 13.1.6 and older, 14.0.6 and older, 14.1.7 and older, and 15.0.3 and older.

MOVEit Transfer administrators should upgrade to the fixed versions listed in the table below, which address all three vulnerabilities.

Affected version | Fixed version | Documentation | Release notes
MOVEit Transfer 2023.0.x (15.0.x) | MOVEit Transfer 2023.0.4 (15.0.4) | MOVEit 2023 Upgrade | MOVEit Transfer 2023.0.4
MOVEit Transfer 2022.1.x (14.1.x) | MOVEit Transfer 2022.1.8 (14.1.8) | MOVEit 2022 Upgrade | MOVEit Transfer 2022.1.8
MOVEit Transfer 2022.0.x (14.0.x) | MOVEit Transfer 2022.0.7 (14.0.7) | MOVEit 2022 Upgrade | MOVEit Transfer 2022.0.7
MOVEit Transfer 2021.1.x (13.1.x) | MOVEit Transfer 2021.1.7 (13.1.7) | MOVEit 2021 Upgrade | MOVEit Transfer 2021.1.7
MOVEit Transfer 2021.0.x (13.0.x) | MOVEit Transfer 2021.0.9 (13.0.9) | MOVEit 2021 Upgrade | MOVEit Transfer 2021.0.9
MOVEit Transfer 2020.1.6 (12.1.6) and later | Special Service Pack available | MOVEit Transfer 2020.1 SP | MOVEit Transfer 2020.1.7
MOVEit Transfer 2020.0.x (12.0.x) and older | Upgrade to a supported version | Upgrade/Migration Guide | N/A

Progress adopts security Service Packs

About a month ago, attackers, most notably the Clop ransomware gang, mass-exploited a zero-day vulnerability in MOVEit Transfer, tracked as CVE-2023-34362, to steal data from large organizations worldwide.

The vendor fixed the flaw within days of its discovery, but it was later revealed that Clop had been probing ways to exploit it for roughly two years before the fix shipped.

Progress launched a security audit soon after, which led to discovering and patching additional critical-severity flaws.

As the company continues to deal with the fallout from the incident, it has decided to introduce regular security updates, called Service Packs, released every month.

As part of this new approach, the upgrade process is also being streamlined so that MOVEit Transfer admins can apply fixes faster and with less effort than before.
