CVE-2023-35036

Vulnerability updated 23 days ago (2024-11-29T14:06:12.496Z)
Download STIX
Preview STIX
CVE-2023-35036 is a significant vulnerability identified in the MOVEit Transfer software, part of the Progress Software suite. This flaw was first reported on June 16, 2023, following the discovery and exploitation of CVE-2023-34362 by a Clop ransomware affiliate. The CVE-2023-35036 vulnerability presents as an SQL injection flaw that can be weaponized to access the application's database content, posing a severe threat to data security. The disclosure of CVE-2023-35036 occurred a week after Progress revealed another set of SQL injection vulnerabilities. This new vulnerability is distinct from CVE-2023-34362, which was previously exploited by the Clop ransomware gang against several high-profile entities including Shell, British Airways, the BBC, and the Nova Scotia government. Despite these separate incidents, both vulnerabilities underscore the persistent security challenges faced by the Progress Software suite. Progress patched the CVE-2023-35036 flaw on May 31st. However, following the patch, a proof-of-concept exploit was developed by security researchers, indicating potential for future breaches. Further vulnerabilities were also discovered subsequent to the patching, reinforcing the critical need for ongoing vigilance and robust security measures in the face of evolving cyber threats.
Description last updated: 2024-05-04T17:11:36.508Z
What's your take? (Question 1 of 3)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Aliases We are not currently tracking any aliases
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Moveit
Vulnerability
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Associated Malware
To see the evidence that has resulted in these malware associations, create a free account
Alias DescriptionAssociation TypeVotes
The Clop Malware is associated with CVE-2023-35036. Clop, a malicious software (malware), is linked to a Russian-speaking cybercriminal group also known as Cl0p. It is designed to exploit and damage computer systems by stealing personal information, disrupting operations, or holding data hostage for ransom. In May 2023, the Clop group began exploitinUnspecified
2
Associated Vulnerabilities
To see the evidence that has resulted in these vulnerability associations, create a free account
Alias DescriptionAssociation TypeVotes
The CVE-2023-34362 Vulnerability is associated with CVE-2023-35036. CVE-2023-34362 is a critical software vulnerability found in Progress Software's managed file transfer (MFT) solution, MOVEit Transfer. This flaw was an SQL injection vulnerability that allowed for escalated privileges and unauthorized access. The vulnerability became active on May 27, 2023, when itUnspecified
2
Source Document References
Information about the CVE-2023-35036 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
PreviewSource LinkCreatedAtTitle
Unit42
a year ago
CERT-EU
a year ago
InfoSecurity-magazine
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
Naked Security
a year ago
BankInfoSecurity
a year ago
CERT-EU
2 years ago
CERT-EU
2 years ago
CERT-EU
2 years ago