News Post

Critical MOVEit vulnerability puts huge swaths of the Internet at severe risk

ArstechnicaArstechnica · 4m
Critical MOVEit vulnerability puts huge swaths of the Internet at severe risk

A critical vulnerability has been discovered in MOVEit, a widely used file transfer software. The vulnerability, known as CVE-2024-5806, allows attackers to bypass authentication and gain access to sensitive data. Hackers have already started attempting to exploit this vulnerability following its public disclosure. The exploit can be triggered by using a null string as a public encryption key during the authentication process, enabling attackers to assume the identity of any SFTP user and perform malicious actions. Progress Software has released patches to address the vulnerability, and administrators are advised to investigate their systems for vulnerability and take appropriate measures. Last year, a similar vulnerability led to the compromise of numerous organizations.

Comments

Download the medial app to read full posts, comements and news.