430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Progress warns customers of a new critical flaw in MOVEit Transfer software

Progress released security patches for a new critical SQL injection vulnerability affecting its MOVEit Transfer software. Progress is informing customers of a new critical SQL injection vulnerability, tracked as CVE-2023-36934, in its MOVEit Transfer software. MOVEit Transfer software recently made the headlines due to the massive Clop ransomware hacking campaign exploiting a vulnerability in the […]

MOVEit Transfer welltok

Progress released security patches for a new critical SQL injection vulnerability affecting its MOVEit Transfer software.

Progress is informing customers of a new critical SQL injection vulnerability, tracked as CVE-2023-36934, in its MOVEit Transfer software.

MOVEit Transfer software recently made the headlines due to the massive Clop ransomware hacking campaign exploiting a vulnerability in the product.

“a SQL injection vulnerability has been identified in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain unauthorized access to the MOVEit Transfer database.” reads the advisory published by Progress. “An attacker could submit a crafted payload to a MOVEit Transfer application endpoint which could result in modification and disclosure of MOVEit database content.”

The flaw CVE-2023-36934 impacts software versions released before 2020.1.11 (12.1.11), 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8), 2023.0.4 (15.0.4), the vulnerability was reported by Guy Lederfein of Trend Micro working through the Zero Day Initiative.

MOVEit Transfer software

 The company also addressed high-severity rating issues collectively tracked as CVE-2023-36932.

The flaws impacts In Progress MOVEit Transfer versions released before 2020.1.11 (12.1.11), 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8), 2023.0.4 (15.0.4).

“multiple SQL injection vulnerabilities have been identified in the MOVEit Transfer web application that could allow an authenticated attacker to gain unauthorized access to the MOVEit Transfer database.” continues the advisory. “An attacker could submit a crafted payload to a MOVEit Transfer application endpoint which could result in modification and disclosure of MOVEit database content.”

The company also fixed another high-severity issue, tracked as CVE-2023-36933, which can be exploited by an attacker to cause unexpected termination of the application.

The issue affects MOVEit Transfer versions released before 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8), 2023.0.4 (15.0.4).

“it is possible for an attacker to invoke a method that results in an unhandled exception.  Triggering this workflow can cause the MOVEit Transfer application to terminate unexpectedly.” reads the advisory.

“Look for your current version and apply the Service Pack. Only full installers are available due to the nature of the included updates.”

Affected VersionFixed Version (Full Installer)DocumentationRelease Notes
MOVEit Transfer 2023.0.x (15.0.x)MOVEit Transfer 2023.0.4 (15.0.4)MOVEit 2023 Upgrade Documentation  MOVEit Transfer 2023.0.4 Release Notes
MOVEit Transfer 2022.1.x (14.1.x)MOVEit Transfer 2022.1.8 (14.1.8)MOVEit 2022 Upgrade DocumentationMOVEit Transfer 2022.1.8 Release Notes
MOVEit Transfer 2022.0.x (14.0.x)MOVEit Transfer 2022.0.7 (14.0.7)MOVEit 2022 Upgrade DocumentationMOVEit Transfer 2022.0.7 Release Notes
MOVEit Transfer 2021.1.x (13.1.x)MOVEit Transfer 2021.1.7 (13.1.7)MOVEit 2021 Upgrade DocumentationMOVEit Transfer 2021.1.7 Release Notes
MOVEit Transfer 2021.0.x (13.0.x)MOVEit Transfer 2021.0.9 (13.0.9)MOVEit 2021 Upgrade Documentation  MOVEit Transfer 2021.0.9 Release Notes
MOVEit Transfer 2020.1.6 (12.1.6) or laterSpecial Service Pack AvailableSee KB 000236830
MOVEit Transfer 2020.1 Service
Pack (July 2023)
MOVEit Transfer 2020.1.7 Release Notes
MOVEit Transfer 2020.0.x (12.0.x) or olderMust Upgrade to a Supported VersionSee MOVEit Transfer Upgrade and
Migration Guide 
N/A

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, MOVEit Transfer software)