Login
Get a Demo
Become a Partner
SOCRadar® Cyber Intelligence Inc. | New Critical and High-Severity Vulnerabilities Found in MOVEit Transfer
Table Of Content
Home

Resources

Blog
Tem 07, 2023
3 Mins Read

New Critical and High-Severity Vulnerabilities Found in MOVEit Transfer

In recent security disclosures, a total number of three critical and high-severity vulnerabilities have been identified in Progress Software’s MOVEit Transfer software. These vulnerabilities pose significant risks to the security and integrity of the MOVEit Transfer web application, potentially allowing unauthorized access to the database and disclosure of sensitive information. To address these issues, Progress Software has released a Service Pack that includes essential fixes and security improvements

SQL Injection Vulnerability (CVE-2023-36934)

The SQL injection vulnerability affects MOVEit Transfer versions released before 2020.1.11 (12.1.11), 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8), and 2023.0.4 (15.0.4). It allows an unauthenticated attacker to gain unauthorized access to the MOVEit Transfer database by submitting a crafted payload to a vulnerable application endpoint. The attacker can modify and disclose the MOVEit database content, leading to potential data breaches.

More SQL Injection Vulnerabilities (CVE-2023-36932)

Similar to the previous vulnerability, multiple SQL injection vulnerabilities impact MOVEit Transfer versions released before 2020.1.11 (12.1.11), 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8), and 2023.0.4 (15.0.4). These vulnerabilities require authentication but can still enable an attacker to gain unauthorized access to the MOVEit Transfer database. By exploiting these vulnerabilities, an attacker can manipulate and disclose the database content, potentially leading to severe security breaches.

Unhandled Exception Vulnerability (CVE-2023-36933)

MOVEit Transfer versions released before 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8), and 2023.0.4 (15.0.4) are susceptible to an unhandled exception vulnerability. This vulnerability allows an attacker to invoke a method that causes the MOVEit Transfer application to terminate unexpectedly. By triggering this workflow, an attacker can disrupt the normal operation of MOVEit Transfer, potentially leading to service interruptions and system instability.

Service Pack Release

To mitigate the identified vulnerabilities and enhance the security of MOVEit Transfer, Progress Software has released a Service Pack. The Service Pack includes fixes for the identified vulnerabilities, along with database and installer improvements. It is highly recommended to apply this Service Pack to ensure the security of your MOVEit Transfer installation.

Affected Versions

  • MOVEit Transfer 2023.0.x (15.0.x) -> Fixed Version: MOVEit Transfer 2023.0.4 (15.0.4)
  • MOVEit Transfer 2022.1.x (14.1.x) -> Fixed Version: MOVEit Transfer 2022.1.8 (14.1.8)
  • MOVEit Transfer 2022.0.x (14.0.x) -> Fixed Version: MOVEit Transfer 2022.0.7 (14.0.7)
  • MOVEit Transfer 2021.1.x (13.1.x) -> Fixed Version: MOVEit Transfer 2021.1.7 (13.1.7)
  • MOVEit Transfer 2021.0.x (13.0.x) -> Fixed Version: MOVEit Transfer 2021.0.9 (13.0.9)
  • MOVEit Transfer 2020.1.6 (12.1.6) or later -> Fixed Version: MOVEit Transfer 2020.1.11 (12.1.11)
  • MOVEit Transfer 2020.0.x (12.0.x) or older -> Must upgrade to a supported version

The critical and high-severity vulnerabilities discovered in Progress Software’s MOVEit Transfer software emphasize the importance of promptly applying the available security patches and updates. By following the recommended upgrade process and applying the Service Pack, users can protect their MOVEit Transfer installations against potential attacks and mitigate the risks associated with unauthorized access, data modification, and disclosure.

Enhancing Vulnerability Management with SOCRadar’s Vulnerability Intelligence Module 

Vulnerability Intelligence module on SOCRadar platform, Truebot
Vulnerability Intelligence module on SOCRadar platform

SOCRadar’s Vulnerability Intelligence Module serves as a critical defense against risks presented by vulnerabilities like the ones mentioned above. This powerful module actively monitors and detects emerging vulnerabilities that malicious actors may exploit to compromise your organization’s security.

By leveraging this module, you receive timely alerts whenever critical vulnerabilities or exploits similar to those mentioned above are identified for the specific product components and technologies associated with your digital footprint. This allows you to stay informed about the vulnerabilities being targeted by threat actors, enabling faster assessment and verification processes with actionable insights and contextual information.

Related Articles
SOCRadar® Cyber Intelligence Inc. | Major Cyber Attacks in Review: March 2024
Major Cyber Attacks in Review: March 2024
Nis 16, 2024
SOCRadar® Cyber Intelligence Inc. | Cyber Reflections of Iran's Attack on Israel
Cyber Reflections of Iran's Attack on Israel
Nis 15, 2024
SOCRadar® Cyber Intelligence Inc. | Critical PHP Vulnerabilities: Update Now to Prevent Takeovers and Command Injection (CVE-2024-1874, CVE-2024-2756, CVE-2024-3096, CVE-2024-2757)
Critical PHP Vulnerabilities: Update Now to Prevent Takeovers and Command Injection (CVE-2024-1874, CVE-2024-2756, CVE-2024-3096, CVE-2024-2757)
Nis 15, 2024
SOCRadar® Cyber Intelligence Inc. | Critical OS Command Injection Vulnerability in Palo Alto's GlobalProtect Gateway: CVE-2024-3400. The patch is not available yet.
Critical OS Command Injection Vulnerability in Palo Alto's GlobalProtect Gateway: CVE-2024-3400. The patch is not available yet.
Nis 12, 2024
SOCRadar® Cyber Intelligence Inc. | Microsoft’s April 2024 Patch Tuesday, 149 Vulnerabilities Patched, Including 2 Zero-Day Vulnerabilities
Microsoft’s April 2024 Patch Tuesday, 149 Vulnerabilities Patched, Including 2 Zero-Day Vulnerabilities
Nis 10, 2024