MOVEit Vulnerability: A Critical Security Threat
In June 2023, a critical vulnerability (CVE-2023-34362) was discovered in Progress Software’s MOVEit Transfer and MOVEit Cloud applications. This vulnerability allowed unauthenticated attackers to gain remote access to MOVEit servers, potentially leading to data breaches and other malicious activities.
Here are some key facts about the MOVEit vulnerability:
- Severity: High (CVSS score of 9.8 out of 10)
- Impact: Potential unauthorized access to MOVEit servers, data theft, and system compromise
- Affected versions: MOVEit Transfer and MOVEit Cloud versions prior to 2023.2.1
- Exploitation: Actively exploited by attackers
Timeline:
- May 31, 2023: Progress reported the vulnerability to users.
- June 16, 2023: Public disclosure of the vulnerability forced Progress to disable HTTP and HTTPS traffic for both MOVEit Transfer and MOVEit Cloud.
- June – September 2023: Widespread attacks targeting vulnerable MOVEit servers.
- September 2023: Progress released patches for the vulnerability.
Consequences:
The MOVEit vulnerability had a significant impact on organizations around the world, including:
- Data breaches: Millions of individuals’ data was exposed due to the vulnerability.
- Financial losses: Affected organizations incurred significant costs in data recovery, remediation, and legal fees.
- Reputation damage: The breaches damaged the reputation of affected organizations and eroded trust with customers and partners.
Recommendations:
To protect your organization from the MOVEit vulnerability, it is important to:
- Update your MOVEit software to the latest version (2023.2.1 or later).
- Disable HTTP and HTTPS traffic for MOVEit Transfer and MOVEit Cloud until you have implemented all necessary security measures.
- Review your security policies and procedures for file transfer.
- Regularly scan your systems for vulnerabilities.
Additional Resources:
- Progress Software Security Advisory: https://www.fastly.com/blog/cve-2023-34362-progress-moveit-transfer-sql-injection-vulnerability
- NCSC MOVEit Vulnerability Information: https://www.ncsc.gov.uk/report/threat-report-13th-january-2023
- Wikipedia Article on the 2023 MOVEit Data Breach: https://en.wikipedia.org/wiki/Data_breach