May 7, 2024

A third MOVEit vulnerability fixed, Cl0p lists victim organizations (CVE-2023-35708)

11 months ago

Progress Software has asked customers to update their MOVEit Transfer installations again, to fix a third SQL injection vulnerability (CVE-2023-35708) discovered in the web application in less that a month. Previously, the Cl0p cyber extortion gang exploited CVE-2023-34362 to grab enterprise data, and Huntress researchers discovered CVE-2023-35036 after partnering with Progress to perform a code review of the web app. About CVE-2023-35708 CVE-2023-35708 is a vulnerability that could lead to escalated privileges and unauthorized access. … More

The post A third MOVEit vulnerability fixed, Cl0p lists victim organizations (CVE-2023-35708) appeared first on Help Net Security.

About The Author

See author's posts

More Stories

Smoke Alarm Data Breach

5 days ago admin

How we built the new Find My Device network with user security and privacy in mind

2 weeks ago admin

Prevent Generative AI Data Leaks with Chrome Enterprise DLP

2 weeks ago admin