Security Advisory: MOVEit Vulnerability

Apply security patch released by Progress Software on June 9, 2023 as soon as possible.

PORTLAND, Ore. (June 16, 2023) – Today many news organizations are reporting a large cyberattack leveraging a vulnerability in MOVEit, a managed file transfer (MFT) software application  The MOVEit vulnerability (CVE-2023-34362) is a critical SQL injection vulnerability that allows an unauthenticated attacker to access the database of MOVEit Transfer. This vulnerability was first reported on May 31, 2023, by Progress Software, the vendor of MOVEit Transfer.

The vulnerability is caused by improper validation of user input in the MOVEit Transfer web application. This allows an attacker to inject malicious SQL code into the application, which can then be used to execute arbitrary commands on the server. This could allow an attacker to steal data from the database, install malware on the server, or take control of the server altogether.

The vulnerability has been exploited by the Cl0p ransomware-as-a-service (RaaS) operation. Cl0p has targeted a large number of businesses and organizations, including US government agencies, universities, state and local governments.

If you are using MOVEit Transfer, it is important to apply the security patch that was released by Progress Software on June 9, 2023. This patch will address the vulnerability and protect your system from attack. You can find more information about the vulnerability and the patch on the Progress Software website.

Here are some additional tips for protecting your system from the MOVEit vulnerability:

  • Use strong passwords and two-factor authentication for all accounts that have access to MOVEit Transfer.
  • Keep your software up to date with the latest security patches.
  • Use a firewall to block unauthorized access to your system.
  • Monitor your system for unusual activity.

A note on ransomware: the Cybersecurity Infrastructure Security Agency (CISA) does not recommend paying ransom. Paying ransom will not ensure your data is decrypted, that your systems or data will no longer be compromised, or that your data will not be leaked. Additionally, paying ransoms may pose sanctions risks. Access the downloadable #StopRansomware Guide from CISA as a PDF here.

About Structured

Structured is an award-winning solution provider delivering secure, cloud-connected digital infrastructure and managed services. For 30 years, we’ve helped clients through all phases of digital transformation by securely bridging people, business and technology.

We provide design guidance, engineering assistance, and product recommendations that adhere to best practices, boost ROI, and – most importantly – maximize information security. Customers trust us to provide valuable insight throughout the process of selecting and implementing secure and scalable IT strategies, platforms, and processes that meet modern expectations and drive measurable improvements throughout the enterprise.

Follow us on LinkedIn, and Twitter.