High-Score Vulnerability Hits Internet; May Be Biggest Security Event in 2024

TapTechNews June 27th news, a 9.1-high score vulnerability is raging across the network, causing a large area of the Internet to be shrouded in the shadow of hackers, and there is sufficient evidence that hackers have launched attacks using this vulnerability, and it may become the biggest security event in 2024.

The vulnerability tracking number is CVE-2024-5806, which exists in the SFTP module of the MOVEit management software. If exploited by attackers, it can bypass authentication and obtain sensitive data.

Researchers from the Shadowserver organization said that within a few hours after the vulnerability was made public, hackers had already begun to try to exploit it.

MOVEit is a management tool specifically customized for enterprises, sold by ProgressSoftware Company. It helps enterprises transfer and manage files using SFTP, SCP and HTTP protocols under the premise of complying with PCI and HIPAA regulations. In a separate scan conducted by the security company Censys on Tuesday, it was found that more than 2700 organizations and institutions worldwide have deployed this system.

TapTechNews queried public information and found that MOVEit also reported high-risk vulnerabilities in 2023, resulting in information leakage of 2300 enterprises and institutions such as Shell Petroleum Company, British Airways, the US Department of Energy and the Ontario government's BORNOntario Birth Registration Office.

Researchers from the watchTowr laboratory wrote: This is a devastating attack for enterprises/organizations. Hackers can use this vulnerability to authenticate SFTP with an empty string, perform all normal operations such as reading, writing or deleting files, and can cause chaos in other ways.

ProgressSoftware Company has currently released version updates such as 2023.0.11, 2023.1.6 and 2024.0.2, and urges enterprises to deploy the updates as soon as possible.