The threat obviously goes further: discovery of another vulnerability for unauthorized SQL injection. MOVEit needs to be patched again to prevent cyberattacks.
Vulnerabilities are discovered every day, and attackers keep checking to see if they can monetize a new vulnerability. When a new vulnerability is confirmed, we as defenders need to consider two things: how difficult it would be for the attackers to exploit the vulnerability, and how likely it is that it will be exploited. The latter usually depends on the spread of the affected software: the more widespread it is, the higher the probability that it will be exploited.
This latest vulnerability [CVE-2023-36934] uncovered by Progress Software is the perfect storm. An unauthenticated SQL injection bug is easily exploited by attackers with little technical know-how and offers them a number of opportunities. These range from adding a field to a webpage to steal information from unsuspecting users who fill out the 'form' to tricking the application with an 'SQL query' to reveal all information in any backend database. In this case, the door is completely open for malicious people and they can enter unhindered.
A question of time
Criminals have already attacked MOVEit or exploited the vulnerabilities with great success. While we don't have any evidence yet that this new MOVEit vulnerability has also been attacked, everything indicates that it's only a matter of time. Rather than waiting to be attacked and then reacting, it's important for security teams to take a pre-emptive approach to cyber defenses. The need to understand the attack surface and proactively manage risk to the organization has never been more urgent. (Bernard Montel, Technical Director at Tenable)
More at Tenable.com
About Tenable Tenable is a Cyber Exposure company. Over 24.000 companies worldwide trust Tenable to understand and reduce cyber risk. Nessus inventors have combined their vulnerability expertise in Tenable.io, delivering the industry's first platform that provides real-time visibility into and secures any asset on any computing platform. Tenable's customer base includes 53 percent of the Fortune 500, 29 percent of the Global 2000, and large government agencies.