HC3: Sector Alert Progress Software WS_FTP Critical Vulnerabilities

Progress Software WS_FTP Critical Vulnerabilities

Executive Summary

Progress Software, the maker of the MOVEit file transfer software which was widely exploited by the CL0P ransomware-as-a-service (Raas) group, has released a new advisory regarding multiple vulnerabilities in the WS_FTP Server, a file transfer product. Two of the vulnerabilities were rated as critical and are being tracked as CVE-2023-40044, which can allow an attacker to execute remote commands, and as CVE2023-4265, which is a directory traversal vulnerability. Due the recent and malicious targeting of Progress Software’s products to compromise Healthcare and Public Health (HPH) sector entities, HC3 strongly encourages patching and upgrading these devices to prevent serious damage to the HPH sector.

Read the full report at HHS or below:

ws-ftp-vulnerabilities-sector-alert

Singapore Facing ‘Serious’ Cyberattack by Espionage Group With Alleged China Ties
Missouri Adopts New Data Breach Notice Law
Qantas obtains injunction to prevent hacked data’s release
Ransomware attack disrupts Korea's largest guarantee insurer
Theft from Glasgow’s Queen Elizabeth University Hospital sparks probe
Global operation targets NoName057(16) pro-Russian cybercrime network in Operation Eastwood

Progress Software WS_FTP Critical Vulnerabilities

Related: