Progress tells users to fix new MOVEit-auth-bypass bugs


Thought last year's MOVEit hellscape was behind you? Bad luck, Buster. We're back for round two after Progress Software lifted the lid on new vulnerabilities affecting MOVEit Transfer and Gateway.

Progress Software first contacted users on June 13 regarding CVE-2024-5805 and CVE-2024-5806, both of which are classified as authentication bypass-style vulnerabilities, each rated Critical with a severity score of 9.1.

The information was embargoed until June 25 to allow sufficient time for patching, which was probably a good call given that 2,773 organizations were breached by Cl0p in last year's MOVEit-related disaster, according to Emsisoft's tracker.

MOVEit Transfer was at the center of last year's breach. It is a popular managed file transfer (MFT) product used by organizations to transfer files around the enterprise. MOVEit Gateway is a proxy service that works to make Transfer installations more secure. Organizations can place Gateway servers in their demilitarized zone, so that Transfer operates only on the local network, away from the public Internet.
