New Critical and High-Severity Vulnerabilities Found in MOVEit Transfer
In recent security disclosures, three critical and high-severity vulnerabilities have been identified in Progress Software’s MOVEit Transfer software. These vulnerabilities pose significant risks to the security and integrity of the MOVEit Transfer web application, potentially allowing unauthorized access to the database and disclosure of sensitive information. To address these issues, Progress Software has released a Service Pack that includes the necessary fixes and security improvements.
SQL Injection Vulnerability (CVE-2023-36934)
The SQL injection vulnerability affects MOVEit Transfer versions released before 2020.1.11 (12.1.11), 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8), and 2023.0.4 (15.0.4). It allows an unauthenticated attacker to gain unauthorized access to the MOVEit Transfer database by submitting a crafted payload to a vulnerable application endpoint. The attacker can modify and disclose the MOVEit database content, leading to potential data breaches.
More SQL Injection Vulnerabilities (CVE-2023-36932)
Similar to the previous vulnerability, multiple SQL injection vulnerabilities impact MOVEit Transfer versions released before 2020.1.11 (12.1.11), 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8), and 2023.0.4 (15.0.4). These vulnerabilities require authentication but can still enable an attacker to gain unauthorized access to the MOVEit Transfer database. By exploiting these vulnerabilities, an attacker can manipulate and disclose the database content, potentially leading to severe security breaches.
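Both CVE-2023-36934 and CVE-2023-36932 are SQL injection flaws, where a value supplied by the client is spliced into the text of a database query instead of being bound as a parameter. The following Python snippet is an added illustration of that vulnerability class and its standard fix; it is not MOVEit Transfer's code and says nothing about the real endpoints or schema. The `users` table, the lookup functions and the test input are all constructed for this example.

```python
import sqlite3


def build_db():
    """Constructed toy schema (not MOVEit's); an in-memory SQLite database."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users (name, role) VALUES (?, ?)",
        [("alice", "admin"), ("bob", "user"), ("carol", "user")],
    )
    conn.commit()
    return conn


def lookup_user_vulnerable(conn, name):
    """The weak pattern: untrusted input is concatenated into the SQL text.

    A quote character inside `name` ends the string literal early, so the rest
    of the input is parsed as SQL and changes the shape of the WHERE clause.
    """
    sql = f"SELECT name, role FROM users WHERE name = '{name}'"
    return conn.execute(sql).fetchall()


def lookup_user_safe(conn, name):
    """The hardened pattern: the query shape is fixed and `name` is bound as a
    value by the driver, so any quotes in it are data, never SQL."""
    return conn.execute(
        "SELECT name, role FROM users WHERE name = ?", (name,)
    ).fetchall()


def compare(name):
    """Return (rows from the vulnerable lookup, rows from the safe lookup)
    for the same input, to show how much the two disclose."""
    conn = build_db()
    return len(lookup_user_vulnerable(conn, name)), len(lookup_user_safe(conn, name))


if __name__ == "__main__":
    # Constructed inputs: a normal username and one carrying a quote.
    for candidate in ("bob", "x' OR '1'='1"):
        print(candidate, "->", compare(candidate))
```

For the ordinary username both lookups return the single matching row; for the input containing a quote the concatenated query discloses every row in the table while the parameterised query returns nothing, which is exactly the "modify and disclose the database content" outcome the advisory describes. The defensive takeaway is the same for any web application: bind parameters everywhere, and review any code that builds SQL with string formatting.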
Unhandled Exception Vulnerability (CVE-2023-36933)
MOVEit Transfer versions released before 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8), and 2023.0.4 (15.0.4) are susceptible to an unhandled exception vulnerability. It allows an attacker to invoke a method that causes the MOVEit Transfer application to terminate unexpectedly. By triggering this condition, an attacker can disrupt the normal operation of MOVEit Transfer, potentially leading to service interruptions and system instability.
Service Pack Release
To mitigate the identified vulnerabilities and enhance the security of MOVEit Transfer, Progress Software has released a Service Pack. The Service Pack includes fixes for the identified vulnerabilities, along with database and installer improvements. It is highly recommended to apply this Service Pack to ensure the security of your MOVEit Transfer installation.
Affected Versions
- MOVEit Transfer 2023.0.x (15.0.x) -> Fixed Version: MOVEit Transfer 2023.0.4 (15.0.4)
- MOVEit Transfer 2022.1.x (14.1.x) -> Fixed Version: MOVEit Transfer 2022.1.8 (14.1.8)
- MOVEit Transfer 2022.0.x (14.0.x) -> Fixed Version: MOVEit Transfer 2022.0.7 (14.0.7)
- MOVEit Transfer 2021.1.x (13.1.x) -> Fixed Version: MOVEit Transfer 2021.1.7 (13.1.7)
- MOVEit Transfer 2021.0.x (13.0.x) -> Fixed Version: MOVEit Transfer 2021.0.9 (13.0.9)
- MOVEit Transfer 2020.1.6 (12.1.6) or later -> Fixed Version: MOVEit Transfer 2020.1.11 (12.1.11)
- MOVEit Transfer 2020.0.x (12.0.x) or older -> Must upgrade to a supported version
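The table above is what a defender needs to triage an asset inventory: for each installed MOVEit Transfer version, is it on a fixed release, still vulnerable on a supported line, or so old that it must be upgraded? The Python below is an added example (not a Progress Software tool) that encodes the fixed versions listed above and classifies version strings in either the marketing form (`2022.1.3`) or the internal form (`14.1.3`). The hostnames in the sample inventory are constructed; the mapping of internal major 12 to 2020 through 15 to 2023 is taken from the pairs on this page.

```python
import re

# Fixed versions from the "Affected Versions" table above, keyed by release line.
FIXED_BY_LINE = {
    (2023, 0): (2023, 0, 4),
    (2022, 1): (2022, 1, 8),
    (2022, 0): (2022, 0, 7),
    (2021, 1): (2021, 1, 7),
    (2021, 0): (2021, 0, 9),
    (2020, 1): (2020, 1, 11),
}
# The advisory covers the 2020.1 line only from 2020.1.6 upward.
OLDEST_COVERED_2020_1 = (2020, 1, 6)

# Internal major -> marketing year, as paired on this page (12.x = 2020 ... 15.x = 2023).
# The offset of 2008 is only used here; for majors below 12 it merely places the
# install before 2020.0, which the advisory says must be upgraded anyway.
INTERNAL_YEAR_OFFSET = 2008


def parse_version(text):
    """Return (year, minor, patch) from '2022.1.3' or the internal form '14.1.3'."""
    m = re.fullmatch(r"\s*(\d+)\.(\d+)\.(\d+)\s*", text)
    if not m:
        raise ValueError(f"unrecognised MOVEit Transfer version: {text!r}")
    major, minor, patch = (int(x) for x in m.groups())
    year = major if major >= 2000 else major + INTERNAL_YEAR_OFFSET
    return (year, minor, patch)


def format_version(v):
    """Render a version in both forms, e.g. '2022.1.8 (14.1.8)'."""
    year, minor, patch = v
    return f"{year}.{minor}.{patch} ({year - INTERNAL_YEAR_OFFSET}.{minor}.{patch})"


def classify(version_text):
    """Return (status, fixed_version) where status is one of
    'fixed', 'vulnerable', 'upgrade-required' or 'not-covered'."""
    v = parse_version(version_text)
    if v < (2020, 1, 0):
        # 2020.0.x or older: no fix on this line, must move to a supported version.
        return ("upgrade-required", None)
    line = v[:2]
    if line == (2020, 1) and v < OLDEST_COVERED_2020_1:
        # 2020.1.0 to 2020.1.5 are not listed in the table; do not guess.
        return ("not-covered", None)
    fixed = FIXED_BY_LINE.get(line)
    if fixed is None:
        # A release line the advisory does not mention (e.g. newer than 2023.0).
        return ("not-covered", None)
    return ("fixed", fixed) if v >= fixed else ("vulnerable", fixed)


def triage(inventory):
    """inventory: iterable of (host, version string).
    Returns every host that is not on a fixed release, with the reason."""
    findings = []
    for host, ver in inventory:
        status, fixed = classify(ver)
        if status == "fixed":
            continue
        findings.append((host, ver, status, format_version(fixed) if fixed else None))
    return findings


if __name__ == "__main__":
    # Constructed sample inventory; hostnames and versions are made up.
    sample = [
        ("mft-prod-01", "2023.0.3"),
        ("mft-prod-02", "15.0.4"),
        ("mft-dr-01", "2021.1.2"),
        ("mft-legacy", "12.0.8"),
    ]
    for row in triage(sample):
        print(row)
```

Running the sample flags `mft-prod-01` and `mft-dr-01` as vulnerable with their target Service Pack version, and `mft-legacy` as needing a full upgrade, while `mft-prod-02` on 15.0.4 is left alone. Versions the table does not cover are reported as such rather than guessed, which is the honest answer when an advisory's version ranges have gaps.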
The critical and high-severity vulnerabilities discovered in Progress Software’s MOVEit Transfer software emphasize the importance of promptly applying the available security patches and updates. By following the recommended upgrade process and applying the Service Pack, users can protect their MOVEit Transfer installations against potential attacks and mitigate the risks associated with unauthorized access, data modification, and disclosure.
Enhancing Vulnerability Management with SOCRadar’s Vulnerability Intelligence Module
SOCRadar’s Vulnerability Intelligence Module serves as a critical defense against risks presented by vulnerabilities like the ones mentioned above. This powerful module actively monitors and detects emerging vulnerabilities that malicious actors may exploit to compromise your organization’s security.
By leveraging this module, you receive timely alerts whenever critical vulnerabilities or exploits similar to those mentioned above are identified for the specific product components and technologies associated with your digital footprint. This allows you to stay informed about the vulnerabilities being targeted by threat actors, enabling faster assessment and verification processes with actionable insights and contextual information.