Saturday, December 7, 2024
HomeCVE/vulnerabilityProgress Patched New MOVEit File Transfer Flaw that Allows Privilege Escalation

Progress Patched New MOVEit File Transfer Flaw that Allows Privilege Escalation

Published on

SIEM as a Service

Progress, the company behind MOVEit Transfer, has issued a critical security alert addressing a newly discovered vulnerability in its MOVEit Transfer product.

The flaw, CVE-2024-6576, has been classified as a high-severity issue, with a CVSS score of 7.3, indicating a significant user risk.

CVE-2024-6576: Improper Authentication Leading to Privilege Escalation

The vulnerability found in the SFTP module of MOVEit Transfer stems from improper authentication mechanisms that could allow attackers to escalate their privileges. This issue affects several versions of MOVEit Transfer, specifically:

- Advertisement - SIEM as a Service
  • From 2023.0.0 before 2023.0.12
  • From 2023.1.0 before 2023.1.7
  • From 2024.0.0 before 2024.0.3

How to Build a Security Framework With Limited Resources IT Security Team (PDF) - Free Guide

Urgent Action Required

Progress strongly recommends that all affected customers upgrade to the latest patched versions to mitigate this security risk. The table below outlines the fixed versions available for download:

Fixed VersionDocumentationRelease Notes
MOVEit Transfer 2024.0.3 (16.0.3)Install and upgrade guideRelease Notes 2024.0
MOVEit Transfer 2023.1.7 (15.1.7)Install and upgrade guideRelease Notes 2023.1
MOVEit Transfer 2023.0.12 (15.0.12)Install and upgrade guideRelease Notes 2023.0

How to Upgrade

To upgrade, customers should:

  1. Log in to the Download Center at Progress Community using their Progress ID credentials.
  2. Select the appropriate asset from the “My Active” tab list.
  3. Click the download link under the “Related Products & Downloads” section.
  4. Download the fixed version from the table above.

If they have any questions or concerns, customers can open a new Technical Support case by logging into the Progress Community.

Those not under a current maintenance agreement are advised to contact the Progress Renewals team or their Progress partner account representative.

Progress emphasizes that upgrading to a patched release using the full installer is the only way to remediate this issue. Users will experience a system outage during the upgrade process.

Cloud customers, however, do not need to take any action as the cloud service has already been updated to the patched version.

Are you from SOC and DFIR Teams? – Analyse Malware Incidents & get live Access with ANY.RUN -> Free Access

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

Top Five Industries Most Frequently Targeted by Phishing Attacks

Researchers analyzed phishing attacks from Q3 2023 to Q3 2024 and identified the top...

Russian BlueAlpha APT Exploits Cloudflare Tunnels to Distribute Custom Malware

BlueAlpha, a Russian state-sponsored group, is actively targeting Ukrainian individuals and organizations by using...

Russian Hackers Hijacked Pakistani Actor Servers For C2 Communication

Secret Blizzard, a Russian threat actor, has infiltrated 33 command-and-control (C2) servers belonging to...

Sophisticated Celestial Stealer Targets Browsers to Steal Login Credentials

Researchers discovered Celestial Stealer, a JavaScript-based MaaS infostealer targeting Windows systems that, evading detection...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

Top Five Industries Most Frequently Targeted by Phishing Attacks

Researchers analyzed phishing attacks from Q3 2023 to Q3 2024 and identified the top...

Russian BlueAlpha APT Exploits Cloudflare Tunnels to Distribute Custom Malware

BlueAlpha, a Russian state-sponsored group, is actively targeting Ukrainian individuals and organizations by using...

Russian Hackers Hijacked Pakistani Actor Servers For C2 Communication

Secret Blizzard, a Russian threat actor, has infiltrated 33 command-and-control (C2) servers belonging to...