all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

A Vulnerability in MOVEit Transfer that Could Allow for Remote Code Execution

Add to bookmarks
June 2, 2023, 11:57 a.m. |

Center for Internet Security - Multi-State Information Sharing and Analysis Center www.cisecurity.org

A Vulnerability has been discovered in Progress Moveit Transfer, which could allow for potential unauthorized access to the environment, escalated privileges, and remote code execution. MOVEit Transfer is a managed file transfer software that allows the enterprise to securely transfer files between business partners and customers using SFTP, SCP, and HTTP-based uploads. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users …

access business business partners code code execution customers enterprise environment file files file transfer managed managed file transfer moveit partners privileges progress remote code remote code execution sftp software unauthorized access vulnerability

Visit resource

More from www.cisecurity.org / Center for Internet Security - Multi-State Information Sharing and Analysis Center

A Vulnerability in Google Chrome Could Allow for Arbitrary Code Execution 3 days, 6 hours ago | www.cisecurity.org
arbitrary code arbitrary code execution attacker chrome +9
A Vulnerability in Apache OFBiz Could Allow for Remote Code Execution 3 days, 11 hours ago | www.cisecurity.org
apache apache ofbiz applications automation +25
A Vulnerability in F5 BIG-IP Next Central Manager Could Allow for Remote Code Execution 3 days, 11 hours ago | www.cisecurity.org
application big big-ip big-ip next central manager +14
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution 5 days, 7 hours ago | www.cisecurity.org
arbitrary code arbitrary code execution attacker chrome +9
A Vulnerability in Mozilla PDF.js Could Allow for Arbitrary Code Execution 5 days, 10 hours ago | www.cisecurity.org
arbitrary code arbitrary code execution browsers can +12
Multiple Vulnerabilities in Google Android OS Could Allow for Privilege Escalation 6 days, 4 hours ago | www.cisecurity.org
android devices escalation exploitation +12
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution 1 week, 5 days ago | www.cisecurity.org
arbitrary code arbitrary code execution attacker chrome +9
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution 2 weeks, 4 days ago | www.cisecurity.org
arbitrary code arbitrary code execution attacker chrome +9
Oracle Quarterly Critical Patches Issued April 16, 2024 3 weeks, 4 days ago | www.cisecurity.org
april code code execution critical +7

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Digital Security Infrastructure Manager

@ Wizz Air | Budapest, HU, H-1103
View on infosec-jobs.com

Sr. Solution Consultant

@ Highspot | Sydney
View on infosec-jobs.com

Cyber Security Analyst III

@ Love's Travel Stops | Oklahoma City, OK, US, 73120
View on infosec-jobs.com

Lead Security Engineer

@ JPMorgan Chase & Co. | Tampa, FL, United States
View on infosec-jobs.com

GTI Manager of Cybersecurity Operations

@ Grant Thornton | Tulsa, OK, United States
View on infosec-jobs.com

GCP Incident Response Engineer

@ Publicis Groupe | Dallas, Texas, United States
View on infosec-jobs.com
View more jobs