The SFTP module of the MOVEit Transfer managed file transfer solution has a flaw in the SSH authentication process that can lead to it being bypassed altogether[1].
This critical severity authentication bypass vulnerability comes on the heels of previous vulnerabilities in the MOVEit Transfer software, and a little more than a year after a major security incident[2] involving the software. Current Bitsight data indicates that 2,800 IP addresses across 1,400 organizations are running MOVEit Transfer software.
See the resource center.
Status
Since we have detection capabilities for multiple prior MOVEit Transfer vulnerabilities, there is a high likelihood we’ll be able to develop a detection technique for this vulnerability. Previous vulnerabilities:
- CVE-2023-34362
- CVE-2023-35036
- CVE-2023-35708
- CVE-2023-36934
- CVE-2023-36933
- CVE-2023-36932
Timeline:
- June 28 – Detection capability testing.
- June 27 – Reviewed information about the vulnerability and assessing detection capability.
Feedback
0 comments
Please sign in to leave a comment.