CVE-2023-35036

Vulnerability updated 7 months ago (2024-05-04T17:19:21.348Z)

Download STIX

Preview STIX

CVE-2023-35036 is a significant vulnerability identified in the MOVEit Transfer software, part of the Progress Software suite. This flaw was first reported on June 16, 2023, following the discovery and exploitation of CVE-2023-34362 by a Clop ransomware affiliate. The CVE-2023-35036 vulnerability presents as an SQL injection flaw that can be weaponized to access the application's database content, posing a severe threat to data security. The disclosure of CVE-2023-35036 occurred a week after Progress revealed another set of SQL injection vulnerabilities. This new vulnerability is distinct from CVE-2023-34362, which was previously exploited by the Clop ransomware gang against several high-profile entities including Shell, British Airways, the BBC, and the Nova Scotia government. Despite these separate incidents, both vulnerabilities underscore the persistent security challenges faced by the Progress Software suite. Progress patched the CVE-2023-35036 flaw on May 31st. However, following the patch, a proof-of-concept exploit was developed by security researchers, indicating potential for future breaches. Further vulnerabilities were also discovered subsequent to the patching, reinforcing the critical need for ongoing vigilance and robust security measures in the face of evolving cyber threats.

Description last updated: 2024-05-04T17:11:36.508Z

What's your take? (Question 1 of 3)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Aliases We are not currently tracking any aliases

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Moveit

Vulnerability

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Associated Malware

To see the evidence that has resulted in these malware associations, create a free account

Alias Description	Association Type	Votes
The Clop Malware is associated with CVE-2023-35036. Clop, a malicious software (malware), is linked to a Russian-speaking cybercriminal group also known as Cl0p. It is designed to exploit and damage computer systems by stealing personal information, disrupting operations, or holding data hostage for ransom. In May 2023, the Clop group began exploitin	Unspecified	2

Associated Vulnerabilities

To see the evidence that has resulted in these vulnerability associations, create a free account

Alias Description	Association Type	Votes
The CVE-2023-34362 Vulnerability is associated with CVE-2023-35036. CVE-2023-34362 is a critical software vulnerability found in Progress Software's managed file transfer (MFT) solution, MOVEit Transfer. This flaw was an SQL injection vulnerability that allowed for escalated privileges and unauthorized access. The vulnerability became active on May 27, 2023, when it	Unspecified	2

Source Document References

Information about the CVE-2023-35036 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
Unit42	10 months ago	Ransomware Retrospective 2024: Unit 42 Leak Site Analysis
CERT-EU	10 months ago	Clop ransomware gang takes out dubious top spot as most prolific operator of 2023 \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #ransomware \| National Cyber Security Consulting
InfoSecurity-magazine	a year ago	Daily Malicious Files Soar 3% in 2023, Kaspersky Finds
CERT-EU	a year ago	Progress Software discloses 2 new CVEs in MOVEit
CERT-EU	a year ago	Update on MOVEit Transfer SQL Injection Vulnerabilities: CVE-2023-34362, CVE-2023-35036 and CVE-2023-35708 - Cyber Security Review
CERT-EU	a year ago	Ontario perinatal and child registry BORN breached
CERT-EU	a year ago	LockBit, BlackCat, and Clop Prevail as Top RAAS Groups: Ransomware in 1H 2023
CERT-EU	a year ago	IT threat evolution in Q2 2023. Non-mobile statistics – GIXtools
CERT-EU	a year ago	PC malware statistics, Q2 2022
CERT-EU	a year ago	MOVEit victim count closes in on 400 orgs, 20M+ individuals
CERT-EU	a year ago	The attack via Progress MOVEit Transfer
CERT-EU	a year ago	MOVEit Transfer Faces Another Critical Data-Theft Bug
CERT-EU	a year ago	How to Use FAIR Analysis to Quantify Risk from the MOVEit Vulnerability
CERT-EU	a year ago	Threat Response That Outpaces Cyberattacks
CERT-EU	a year ago	MOVEit Data Breach Victims Sue Progress Software
Naked Security	a year ago	S3 Ep140: So you think you know ransomware?
BankInfoSecurity	a year ago	MOVEit Data Breach Victims Sue Progress Software
CERT-EU	a year ago	Anomali Cyber Watch: Cadet Blizzard - New GRU APT, ChamelDoH Hard-to-Detect Linux RAT, Stealthy DoubleFinger Targets Cryptocurrency
CERT-EU	a year ago	MOVEit Customers Urged to Patch Third Critical Vulnerability
CERT-EU	a year ago	A third MOVEit vulnerability fixed, Cl0p lists victim organizations (CVE-2023-35708) \| IT Security News