CVE-2023-36933
published 2023-07-05CVE-2023-36933: In Progress MOVEit Transfer before 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8), and 2023.0.4 (15.0.4), it is possible for an…
PriorityP358high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
72.24%
99.4th percentile
In Progress MOVEit Transfer before 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8), and 2023.0.4 (15.0.4), it is possible for an attacker to invoke a method that results in an unhandled exception. Triggering this workflow can cause the MOVEit Transfer application to terminate unexpectedly.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| progress | moveit_transfer | < 2020.1.11 | 2020.1.11 |
| progress | moveit_transfer | >= 2021.0 < 2021.0.9 | 2021.0.9 |
| progress | moveit_transfer | >= 2021.1.0 < 2021.1.7 | 2021.1.7 |
| progress | moveit_transfer | >= 2022.0.0 < 2022.0.7 | 2022.0.7 |
| progress | moveit_transfer | >= 2022.1.0 < 2022.1.8 | 2022.1.8 |
| progress | moveit_transfer | >= 2023.0.0 < 2023.0.4 | 2023.0.4 |
Detection & IOCsextracted from sources · hover to see the quote
- ·CVE-2023-36933 affects Progress MOVEit Transfer versions before 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8), and 2023.0.4 (15.0.4). The vulnerability allows an attacker to invoke a method causing an unhandled exception, terminating the application unexpectedly (DoS). ↗
- ·CVE-2023-36933 was patched alongside CVE-2023-36934 and CVE-2023-36932 in a July service pack by Progress, in the context of broader MOVEit Transfer exploitation activity by the Clop ransomware group. ↗
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
Trendmicro
2H 2023: Mehr aktive RaaS-Gruppen und mehr Opfer
blogs_trendmicro·2024-04-16·CVSS 9.8
[CRITICAL] 2H 2023: Mehr aktive RaaS-Gruppen und mehr Opfer
Ransomware
## 2H 2023: Mehr aktive RaaS-Gruppen und mehr Opfer
Unser aktueller Bericht zur Lage und den Trends der Ransomware-Landschaft in der zweiten Hälfte 2023 verdeutlicht, dass die Gruppen LockBit, BlackCat und Clop für die meisten Angriffe mit der höchsten Anzahl an Opferunternehmen verantwortlich waren.
By: Shingo Matsugaya Apr 16, 2024 Read time: ( words)
Save to Folio
Unser detaillierter Bericht basiert auf Daten aus den Leak-Sites von RaaS- und Erpressergruppen, der Open-Source-Intelligence (OSINT)-Forschung von Trend und den Telemetriedaten von Trend Research, die vom 1. Juli bis 31. Dezember 2023 gesammelt wurden. Global lässt sich ein Anstieg der aktiven RaaS-Gruppen parallel zu den wachsenden Opferzahlen feststellen. Bereits seit 2022 gehörten LockBit und BlackCat durch
Unit42
Threat Brief - MOVEit Transfer SQL Injection Vulnerabilities: CVE-2023-34362, CVE-2023-35036 and CVE-2023-35708 (Updated Oct 4)
blogs_unit42·2023-10-04·CVSS 9.8
CVE-2023-34362 [CRITICAL] Threat Brief - MOVEit Transfer SQL Injection Vulnerabilities: CVE-2023-34362, CVE-2023-35036 and CVE-2023-35708 (Updated Oct 4)
Threat Research Center
High Profile Threats
Vulnerabilities
## Threat Brief - MOVEit Transfer SQL Injection Vulnerabilities: CVE-2023-34362, CVE-2023-35036 and CVE-2023-35708 (Updated Oct 4)
Unit 42
Published: October 4, 2023
High Profile Threats
Threat Research
Vulnerabilities
CVE-2023-34362
CVE-2023-35036
CVE-2023-35708
CVE-2023-36934
MOVEit
Update October 4: We have added additional information using data gathered from Advanced Threat Prevention.
Update July 7: We cover the most recently disclosed vulnerabilities in MOVEit Transfer, as well as the July 2023 service pack.
## Executive Summary
On May 31, Progress Software posted a notification alerting customers of a critical Structured Query Language injection (SQLi) vulnerability (CVE-2023-34362) in their MOVEit Tra
Unit42
Threat Brief - MOVEit Transfer SQL Injection Vulnerabilities: CVE-2023-34362, CVE-2023-35036 and CVE-2023-35708 (Updated Oct 4)
blogs_unit42·2023-10-04·CVSS 9.8
CVE-2023-34362 [CRITICAL] Threat Brief - MOVEit Transfer SQL Injection Vulnerabilities: CVE-2023-34362, CVE-2023-35036 and CVE-2023-35708 (Updated Oct 4)
Update October 4: We have added additional information using data gathered from Advanced Threat Prevention.
Update July 7: We cover the most recently disclosed vulnerabilities in MOVEit Transfer, as well as the July 2023 service pack.
## Executive Summary
On May 31, Progress Software posted a notification alerting customers of a critical Structured Query Language injection (SQLi) vulnerability (CVE-2023-34362) in their MOVEit Transfer product. MOVEit Transfer is a managed file transfer (MFT) application intended to provide secure collaboration and automated file transfers of sensitive data.
Update: On June 9 and June 15, Progress Software alerted customers of additional SQL Injection vulnerabilities (also rated critical by Progress and got assigned CVE-2023-35036 and CVE-2023-35708, re
2023-07-05
Published