The makers of MOVEit have patched another major security flaw

The WS_FTP Server product was found to be vulnerable in multiple ways

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

The company behind the now-famous (for all the wrong reasons) MOVEit managedfile transfer softwarehas warned its clients that a different product - WS_FTP Server, also carries a couple of high-severity flaws that can be exploited inmalwarehacks.

In an advisory, Progress said WS_FTP carried eight vulnerabilities, two of which were labeled as critical. One is tracked as CVE-2023-40044 (severity rating 10/10), while the other is tracked as CVE-2023-42657 (9.9/10). These vulnerabilities allow threat actors to run a range of malicious activities, including remote code execution.

“Attackers could also escape the context of the WS_FTP Server file structure and perform the same level of operations (delete, rename, rmdir, mkdir) on file and folder locations on the underlyingoperating system,” Progress said in the advisory.

Patching the flaw

The worst part is - these flaws don’t even require user interaction, as the company adds, “We have addressed the vulnerabilities above and the Progress WS_FTP team strongly recommends performing an upgrade.”

“We do recommend upgrading to the most highest version which is 8.8.2. Upgrading to a patched release, using the full installer, is the only way to remediate this issue. There will be an outage to the system while the upgrade is running.”

There is also a way to remove and disable the vulnerable WS_FTP Server Ad Hoc Transfer Module, for those who cannot patch right away, or don’t really use the service. The details can be foundhere.

Progress is the company behind MOVEit, a managed file transfer solution that wascompromised by ransomware actors Clop, resulting in a major data theft affecting more than 2,000 firms, so far.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

As for WS_FTP Server, we don’t know if the flaws were used by any hackers in the meantime, but the product was being used by “thousands” of IT teams, according to Progress.

ViaBleepingComputer

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Dangerous Android banking malware looks to trick victims with fake money transfers

Sophos Firewall hack on government network used an all-new custom malware

New World: Aeternum review: Amazon’s ailing MMORPG gets a much-needed second wind