Skip to content

NCSC-NL/Progress-MoveIT-CVE-2023

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

26 Commits
 
 
 
 

Repository files navigation

Progress MOVEit vulnerability (CVE-2023-34362)

This repo contains operational information regarding Progress MoveIT Transfer vulnerability. For more information see:

NEW vulnerability detected on 15-6-2023

What is MOVEit Transfer and what is it used for?

MOVEit is a file/web transfer solution by Progress.

What products are vulnerable?

Affected version Fixed Version Documentation
MOVEit Transfer 2023.0.0 MOVEit Transfer 2023.0.1 MOVEit 2023 Upgrade Documentation
MOVEit Transfer 2022.1.x MOVEit Transfer 2022.1.5 MOVEit 2022 Upgrade Documentation
MOVEit Transfer 2022.0.x MOVEit Transfer 2022.0.4 MOVEit 2022 Upgrade Documentation
MOVEit Transfer 2021.1.x MOVEit Transfer 2021.1.4 MOVEit 2021 Upgrade Documentation
MOVEit Transfer 2021.0.x MOVEit Transfer 2021.0.6 MOVEit 2021 Upgrade Documentation

The product I use is vulnerable to this issue. What should I do?

For up-to-date information about patches and mitigations regarding CVE-2023-34362, see: https://community.progress.com/s/article/MOVEit-Transfer-Critical-Vulnerability-31May2023

For up-to-date information about patches and mitigations regarding the vulnerability detected on 15-6-2023 (CVE pending), see: https://community.progress.com/s/article/MOVEit-Transfer-Critical-Vulnerability-15June2023

IoCs and Detection

There are currently known IoCs that indicate exploitation of this vulnerability. IoCs will be shared - when possible - through this repository. For detection iocs please see iocs_detection/README.md.

For YARA rules please see iocs_detection/yara/README.md.

Webshell checker (Python based) https://github.com/ZephrFish/MoveIT-WebShellCheck

Shodan query for MOVEit instances www.shodan.io/search?query=http.favicon.hash%3A989289239

URLscan query for MOVEit instances www.urlscan.io/search/#hash%3A5f9f66003fc6214ca8a053853741ea7439429ce7ec834a737fba3f440bc9d473

Contributions welcome

If you have any additional information to share relevant to the MOVEit vulnerability, please feel free to open a Pull request. New to this? Read how to contribute in GitHub's documentation.

About

Information about Progress MoveIT CVE

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published