CVE-2023-35036: Critical SQL Injection Vulnerability in MOVEit Transfer
Progress Software's MOVEit Transfer, a widely deployed managed file transfer product, is again in the spotlight after the disclosure of new SQL injection vulnerabilities that put the integrity of its database at risk.
The issue tracked as CVE-2023-35036 is an SQL injection vulnerability in the MOVEit Transfer web application. All MOVEit Transfer release lines are affected; the fixed builds are 2021.0.7 (13.0.7), 2021.1.5 (13.1.5), 2022.0.5 (14.0.5), 2022.1.6 (14.1.6) and 2023.0.2 (15.0.2), so any build earlier than the fixed version for its release line is vulnerable. An unauthenticated attacker could exploit the flaw to gain unauthorized access to the MOVEit Transfer database.
SQL injection is a classic but still effective attack: when user-supplied input is spliced into a database query as text, an attacker can insert SQL syntax of their own and change what the query does. In the case of CVE-2023-35036, an attacker could submit a specially crafted payload to a MOVEit Transfer application endpoint, which could result in the modification and disclosure of MOVEit database content and so the theft of sensitive information.
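To make the mechanism concrete, here is an added Python example (written for this page, not code from MOVEit Transfer or Progress Software) that runs the same lookup two ways against a constructed in-memory SQLite table: once with the value spliced into the query text, once as a bound parameter. Two constructed payloads show the two outcomes the paragraph describes: a tautology that turns a single-user lookup into a dump of every row, and a UNION that pulls content from a table the query was never meant to touch (SQLite's schema catalogue stands in for any other sensitive table). The table and rows are invented for the demonstration.

```python
import sqlite3

# Constructed sample schema and rows for the demonstration (not MOVEit's schema).
SCHEMA_SQL = "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, email TEXT)"
SAMPLE_ROWS = [("alice", "alice@example.com"), ("bob", "bob@example.com")]


def make_db():
    """Build a throwaway in-memory database holding the constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(SCHEMA_SQL)
    conn.executemany("INSERT INTO users (username, email) VALUES (?, ?)", SAMPLE_ROWS)
    conn.commit()
    return conn


def lookup_vulnerable(conn, username):
    # Deliberately vulnerable: the caller-controlled value is spliced into the SQL
    # text, so a quote in the input ends the string literal and whatever follows
    # is parsed as SQL.
    sql = f"SELECT username, email FROM users WHERE username = '{username}'"
    return conn.execute(sql).fetchall()


def lookup_parameterized(conn, username):
    # Hardened: the value travels to the engine as a bound parameter and is never
    # part of the statement text, so it cannot become SQL syntax.
    return conn.execute(
        "SELECT username, email FROM users WHERE username = ?", (username,)
    ).fetchall()


# Constructed payloads. The first makes the WHERE clause always true; the second
# closes the literal, appends a UNION against a different table, and comments
# out the trailing quote the original query would have added.
TAUTOLOGY = "x' OR '1'='1"
UNION_SCHEMA = "x' UNION SELECT name, sql FROM sqlite_master --"


def demo():
    """Run both lookups with a legitimate value and with each payload."""
    conn = make_db()
    return {
        "legit": lookup_parameterized(conn, "alice"),
        "tautology_vulnerable": lookup_vulnerable(conn, TAUTOLOGY),
        "tautology_hardened": lookup_parameterized(conn, TAUTOLOGY),
        "union_vulnerable": lookup_vulnerable(conn, UNION_SCHEMA),
        "union_hardened": lookup_parameterized(conn, UNION_SCHEMA),
    }


if __name__ == "__main__":
    for name, rows in demo().items():
        print(f"{name}: {rows}")
```

The hardened variant returns an empty result for both payloads because the engine looks for a user whose name is literally the payload string. Modification of content (the other outcome the advisory mentions) is not shown here: Python's sqlite3 refuses stacked statements in a single execute call, but engines and drivers that allow them turn the same splicing bug into UPDATE or DELETE.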
Progress Software released patches for all supported versions to close the vulnerability. For MOVEit Cloud users, all instances have already been fully patched.
Discovery of the vulnerabilities is credited to the cybersecurity firm Huntress, which found the flaws during a code review. At the time of disclosure, Progress Software stated that it had not observed any indication of these newly discovered flaws being exploited in the wild.
These vulnerabilities underscore the importance of constant vigilance and timely patching. Applications such as MOVEit Transfer play a crucial role in business operations across industries, and a breach of one can have significant consequences.
For MOVEit Transfer users, the immediate course of action is clear: update to the fixed build for the release line in use (or a later one), and confirm the installed version afterwards rather than assuming the upgrade applied.
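As a concrete way to act on the version list above, here is an added Python check (example code written for this page, not a tool from Progress Software) that maps an installed MOVEit Transfer version string to its release line and compares it against the fixed build for that line. It assumes version strings use the internal major.minor.patch numbering given in parentheses above, optionally followed by a build number, which it ignores (an assumption: the fixed builds are identified by their first three components). Release lines that the advisory does not list are reported as "unlisted" rather than guessed at; the inventory strings are constructed for the demonstration.

```python
# Fixed builds from the advisory, keyed by release line (major, minor) of the
# internal version number; the comments give the year-style names.
FIXED_BY_LINE = {
    (13, 0): (13, 0, 7),   # 2021.0.7
    (13, 1): (13, 1, 5),   # 2021.1.5
    (14, 0): (14, 0, 5),   # 2022.0.5
    (14, 1): (14, 1, 6),   # 2022.1.6
    (15, 0): (15, 0, 2),   # 2023.0.2
}


def parse_version(text):
    """Parse 'major.minor.patch[.build]' into a (major, minor, patch) tuple.

    Any fourth build component is ignored (assumption: the fix is identified
    by the first three components, as in the advisory's version list).
    """
    parts = text.strip().split(".")
    if len(parts) < 3 or not all(p.isdigit() for p in parts[:3]):
        raise ValueError(f"unrecognized version string: {text!r}")
    return tuple(int(p) for p in parts[:3])


def assess(version_text):
    """Return (status, fixed_version) for one installed version.

    status is 'patched', 'vulnerable', or 'unlisted' when the release line
    does not appear in the advisory's list (fixed_version is then None).
    """
    v = parse_version(version_text)
    fixed = FIXED_BY_LINE.get((v[0], v[1]))
    if fixed is None:
        return "unlisted", None
    return ("patched" if v >= fixed else "vulnerable"), fixed


def assess_fleet(versions):
    """Map each inventory string to its status; unparsable strings become 'unknown'."""
    report = {}
    for text in versions:
        try:
            status, _ = assess(text)
        except ValueError:
            status = "unknown"
        report[text] = status
    return report


# Constructed inventory: a patched host, two lagging hosts, one on an unlisted
# older line, and one entry the asset system could not populate.
SAMPLE_INVENTORY = ["15.0.2", "15.0.1.0", "13.0.6", "12.1.3", "n/a"]


if __name__ == "__main__":
    for text, status in assess_fleet(SAMPLE_INVENTORY).items():
        print(f"{text:12} {status}")
```

Treat "unlisted" and "unknown" results as work items, not as clean: an unlisted line has no fixed build in the advisory to compare against, and an unparsable entry usually means the inventory is stale.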