Published: 05/07/2023 Updated: 12/07/2023

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 0

In Progress MOVEit Transfer prior to 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8), and 2023.0.4 (15.0.4), it is possible for an malicious user to invoke a method that results in an unhandled exception. Triggering this workflow can cause the MOVEit Transfer application to terminate unexpectedly.

Vulnerable Product	Search on Vulmon	Subscribe to Product
progress moveit transfer

MOVEit body count closes in on 400 orgs, 20M+ individuals

The Register

Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources 'One of the most significant hacks of recent years,' we're told

The number of victims and costs tied to the MOVEit file transfer hack continues to climb as the fallout from the massive supply chain attack enters week seven. In late May, Russian ransomware gang Clop exploited a security hole in Progress Software's MOVEit product suite to steal documents from vulnerable networks. As of today, the number of affected organizations is closing is on 400 and include some really big names: the US Department of Energy and other federal agencies as well as huge corpor...

CVE-2023-36933

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect