On July 5, Progress Software released a security advisory for a new critical vulnerability in the MOVEit Transfer software, CVE-2023-36934. With a critical severity score of 9.1, this bug is a SQL injection vulnerability in the MOVEit Transfer web application that could allow unauthenticated attackers unauthorized access to the MOVEit database. A proof-of-concept (PoC) exploit was released on July 9, and Imperva has already seen targeted attack attempts against customers.
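To make the class of bug concrete, here is an added illustration (not MOVEit code, and not from Imperva or Progress) of why a SQL injection flaw lets an unauthenticated request read data it should not, and how binding parameters closes that hole. The table, the query shape and the in-memory SQLite database are assumptions constructed for the demonstration only.

```python
import sqlite3


def make_db():
    """Constructed in-memory database standing in for an application's user table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, token TEXT)")
    conn.execute("INSERT INTO users VALUES ('alice', 'secret-token-alice')")
    conn.execute("INSERT INTO users VALUES ('bob', 'secret-token-bob')")
    conn.commit()
    return conn


def lookup_vulnerable(conn, username):
    """Vulnerable pattern: the request value is concatenated into the SQL text,
    so characters in it become SQL syntax rather than data."""
    sql = "SELECT token FROM users WHERE username = '" + username + "'"
    return [row[0] for row in conn.execute(sql)]


def lookup_parameterized(conn, username):
    """Hardened pattern: the value is passed as a bound parameter, so the
    database driver treats it strictly as a string literal."""
    sql = "SELECT token FROM users WHERE username = ?"
    return [row[0] for row in conn.execute(sql, (username,))]


def compare(username):
    """Run both lookups on the same input and return the row counts each
    one exposes; a vulnerable lookup returning more rows than the
    parameterized one is the defect the advisory describes."""
    conn = make_db()
    try:
        vulnerable = lookup_vulnerable(conn, username)
        safe = lookup_parameterized(conn, username)
    finally:
        conn.close()
    return {"vulnerable_rows": len(vulnerable), "parameterized_rows": len(safe)}


if __name__ == "__main__":
    # A legitimate username returns one row either way.
    print(compare("alice"))
    # An input that is not a username but carries a tautology exposes every
    # row through the concatenated query and nothing through the bound one.
    print(compare("nobody' OR '1'='1"))
```

The point for a defender is the second call: the concatenated query hands back every token in the table to a caller who never supplied a valid username, while the bound-parameter version returns nothing. A WAF rule can block the request pattern in transit, but the durable fix is the parameterized query, which is why patching the application is the recommended step.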
For Imperva Cloud WAF and RASP customers, the exploits targeting this vulnerability are mitigated out of the box. Imperva WAF Gateway customers must enable the blocking policy if they use MOVEit software.
CVE-2023-36934 follows other recent MOVEit vulnerabilities, such as CVE-2023-34362, which was exploited in mass attacks by the Cl0p ransomware gang. Imperva customers are also protected against exploits targeting all previously disclosed MOVEit vulnerabilities. If you have deployed MOVEit, it is recommended to upgrade to a protected version of the software or install the patches as soon as possible.
Imperva is monitoring the situation and will provide updates as possible.