Urgent action required - Security vulnerabilities in Progress Software's WS_FTP Server
by Tina Siering
Users of Progress Software's WS_FTP Server need to act urgently: several serious security vulnerabilities in the product have been discovered and classified as critical. Among them, the one with the identifier CVE-2023-40044 stands out with a CVSS score of 10.0, the maximum severity.
Numerous vulnerabilities threaten users
This vulnerability allows unauthenticated attackers to execute commands on the operating system of the WS_FTP Server host by exploiting a .NET deserialisation flaw in the Ad Hoc Transfer module. Besides this particularly critical flaw, a number of other weaknesses have been identified, ranging from cross-site scripting (XSS) to SQL injection and cross-site request forgery (CSRF).
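To make the vulnerability class named above concrete, here is an added C# illustration. It is not WS_FTP Server's code and not Progress's fix; it shows the generic pattern behind .NET deserialisation bugs of this kind (a formatter that rebuilds arbitrary object graphs from unauthenticated input) next to a hardened equivalent that is bound to one data-only type. The class names `TransferRequest`, `AdHocHandlerVulnerable` and `AdHocHandlerHardened` are hypothetical.

```csharp
// Added illustration of unsafe vs. safe .NET deserialisation of untrusted
// input. Hypothetical types; NOT the WS_FTP Server implementation.
using System;
using System.IO;
using System.Runtime.Serialization.Formatters.Binary;
using System.Text.Json;

[Serializable]
public class TransferRequest
{
    public string FileName { get; set; }
    public string Recipient { get; set; }
}

public static class AdHocHandlerVulnerable
{
    // VULNERABLE: BinaryFormatter reconstructs whatever object graph the
    // sender encoded. The stream names the types to instantiate, so a
    // gadget-chain payload (e.g. one built with ysoserial.net) runs code
    // during deserialisation, before the cast below is ever reached.
    // Nothing checks authentication first, so any remote client can hit it.
    public static TransferRequest Parse(string base64Body)
    {
        byte[] raw = Convert.FromBase64String(base64Body);
        using (var ms = new MemoryStream(raw))
        {
#pragma warning disable SYSLIB0011 // BinaryFormatter is obsolete and insecure
            var formatter = new BinaryFormatter();
            return (TransferRequest)formatter.Deserialize(ms);
#pragma warning restore SYSLIB0011
        }
    }
}

public static class AdHocHandlerHardened
{
    // HARDENED: require authentication before touching the body, then use a
    // data-only serializer bound to a single concrete type. The input can
    // only fill TransferRequest's properties; it cannot name a type to
    // instantiate, so no gadget chain is reachable. MaxDepth bounds the
    // parser's recursion against deeply nested junk.
    public static TransferRequest Parse(string jsonBody, bool isAuthenticated)
    {
        if (!isAuthenticated)
            throw new UnauthorizedAccessException("Authenticate before parsing request bodies.");

        var opts = new JsonSerializerOptions { MaxDepth = 8 };
        TransferRequest req = JsonSerializer.Deserialize<TransferRequest>(jsonBody, opts);

        if (req == null || string.IsNullOrWhiteSpace(req.FileName))
            throw new ArgumentException("Malformed transfer request.");
        // Accept a bare file name only, so the value cannot leave the
        // transfer directory when it is later joined to a path.
        if (req.FileName != Path.GetFileName(req.FileName))
            throw new ArgumentException("Invalid file name.");
        return req;
    }
}
```

The point of the contrast is that the fix for this bug class is not "validate the bytes harder" but "stop letting the input choose the types": a format that carries type information (BinaryFormatter, NetDataContractSerializer, JSON with type-name handling enabled) must never be fed unauthenticated data, and even authenticated input should go through a serializer that is pinned to a concrete data class.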
The urgency is underlined by the wider context: another Progress Software product, the MOVEit Transfer platform, was recently the target of large-scale data-theft attacks affecting over 62 million individuals and more than 2,100 organisations.
The potential risk from ransomware groups
Vulnerabilities in Progress products have become particularly attractive to ransomware groups such as Cl0p. Installing the latest patches is essential to contain the immediate threat and to protect users from attacks and the resulting data leaks or financial damage.
The impact of such attacks has already been seen in the massive MOVEit Transfer breach that has affected a large number of organisations and individuals since May 2023 and resulted in extensive data theft.
Need for updates and proactive protection
Progress has since released hotfixes for the vulnerabilities and urges their prompt installation. The company recommends upgrading to version 8.8.2 to fix the known issues and to be positioned for future fixes. Users are urged to include security updates and upgrades in their routine maintenance and to always run a current software version.
At the time of writing, and despite the setbacks caused by the earlier MOVEit attacks, Progress states that there is no evidence that the newly identified vulnerabilities have been exploited. That statement describes the situation at disclosure only; once a vulnerability with a public CVSS 10.0 rating is disclosed, working exploits typically follow within days, so the absence of known exploitation is not a reason to defer patching. Administrators should also check their own WS_FTP Server and web-server logs for unexpected requests to the Ad Hoc Transfer module rather than relying on the vendor's statement alone.
Conclusion: prioritising cybersecurity
The incidents at Progress Software highlight the importance of proactive vulnerability management. Companies running software such as WS_FTP Server should promptly apply the security updates provided and continuously monitor their systems to strengthen protection against future attacks.