Progress Software, the developer of the MOVEit Transfer platform, has urged its customers to patch a critical vulnerability in its WS_FTP Server software that is being targeted by cyber-attacks aimed at data theft.
According to the company, IT departments worldwide rely on WS_FTP Server for secure file transfers. Progress has now disclosed vulnerabilities in the software's Manager interface and in its Ad Hoc Transfer module.
This week Progress fixed two critical vulnerabilities in WS_FTP Server:
- CVE-2023-40044 allows unauthenticated attackers to execute commands remotely by exploiting a .NET deserialization flaw in the Ad Hoc Transfer module. It carries a CVSS severity score of 10.
- CVE-2023-42657 is a directory traversal vulnerability that lets attackers perform file operations outside the WS_FTP folder path they are authorized to use. Progress warns that attackers can manipulate files and folders on the underlying operating system. It carries a CVSS severity score of 9.9.
Both vulnerabilities can be exploited without any user interaction.
Progress strongly advises users to upgrade to the patched release, version 8.8.2. For installations that do not use the Ad Hoc Transfer module, it also provides instructions for disabling or removing it.
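The directory traversal item above describes a bug class rather than WS_FTP's internals, so the following is an added illustration, not Progress's code: it contrasts the naive "join and trust" path handling behind such bugs with a canonicalize-then-check containment test, and runs a simple traversal detector over a few constructed IIS-style log lines. The user root directory, the request paths and the log lines are all constructed for the example; nothing here reflects WS_FTP Server's actual on-disk layout or URL scheme.

```python
import os
import re
from pathlib import Path
from urllib.parse import unquote

# Constructed per-user root; WS_FTP's real on-disk layout is not assumed here.
USER_ROOT = "/wsftp_data/users/alice"


def naive_resolve(base_dir: str, user_path: str) -> str:
    """The pattern behind a directory traversal bug: join the client-supplied
    path onto the user's folder and trust the result."""
    return os.path.normpath(os.path.join(base_dir, user_path))


def safe_resolve(base_dir: str, user_path: str):
    """Return the absolute target path if it stays inside base_dir, else None.

    Canonicalize first (collapse '..' and follow symlinks), then check
    containment against the canonical base by path components; a string
    prefix check on the raw input is not enough.
    """
    base = Path(base_dir).resolve()
    # A Windows host treats backslashes as separators, so normalize them
    # before joining; otherwise '..\\..\\' would slip past a POSIX-only check.
    normalized = user_path.replace("\\", "/")
    if normalized.startswith("/"):
        return None  # an absolute path from a client is never acceptable
    candidate = (base / normalized).resolve()
    try:
        candidate.relative_to(base)
    except ValueError:
        return None  # escaped the authorized folder
    return str(candidate)


# Detection side: '..' as a whole path component after URL decoding,
# whether it follows a separator or a query-string delimiter.
TRAVERSAL = re.compile(r"(^|[/?&=])\.\.(?:/|$)")


def flags_traversal(request: str) -> bool:
    """True if the request path or query contains a traversal sequence,
    including single- or double-URL-encoded forms."""
    decoded = unquote(unquote(request)).replace("\\", "/")
    return bool(TRAVERSAL.search(decoded))


# Constructed IIS-style log lines: date time method uri-stem+query status.
SAMPLE_LOG = [
    "2023-10-02 10:01:13 GET /files/list?dir=reports 200",
    "2023-10-02 10:01:20 GET /files/list?dir=..%2F..%2F..%2Fwindows%2Fsystem32 200",
    "2023-10-02 10:01:25 GET /files/list?dir=..%252F..%252Fetc 200",
    "2023-10-02 10:01:31 GET /files/download?name=q3..csv 200",
]


def scan_log(lines):
    """Return the log lines whose request field looks like a traversal attempt."""
    hits = []
    for line in lines:
        fields = line.split()
        if len(fields) < 4:
            continue
        if flags_traversal(fields[3]):
            hits.append(line)
    return hits


if __name__ == "__main__":
    print(naive_resolve(USER_ROOT, "../../../etc/passwd"))  # escapes the user root
    print(safe_resolve(USER_ROOT, "../../../etc/passwd"))   # None: rejected
    print(safe_resolve(USER_ROOT, "reports/q3.csv"))        # stays inside
    for hit in scan_log(SAMPLE_LOG):
        print("ALERT:", hit)
```

The containment check compares path components, so a sibling folder such as `alice_evil` is rejected even though its name shares a prefix with the user root; the detector decodes twice so that double-encoded `%252F` sequences are caught, while a filename that merely contains `..` in the middle (`q3..csv`) is not flagged.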
It is worth noting that Progress is still grappling with the aftermath of a series of attacks on the MOVEit Transfer platform that resulted in data theft from vulnerable networks. Prominent victims include major US corporations and government agencies, among them the US Energy Department, Shell, Deutsche Bank, and PwC.