Progress Hotfixes: Rapid Action Against Vulnerabilities

Wajahat Raja

October 11, 2023 - TuxCare expert team

Progress Software has acted quickly to strengthen the security of its software offerings by issuing a number of hotfixes. These Progress hotfixes are intended to address a severe security hole as well as seven other flaws discovered in the WS_FTP Server Ad hoc Transfer Module and the WS_FTP Server manager interface. In this blog, we’ll go through the specifics of these vulnerabilities, their potential implications, flaw remediation by Progress, as well as the need to deploy these updates as soon as possible.

Progress Hotfixes Against The Critical Vulnerability

Progress Software has disclosed a critical security bug, CVE-2023-40044, with a CVSS score of 10.0. This vulnerability affects all WS_FTP Server software versions. Progress has responded competently, releasing hotfixes for the flaw promptly.

Understanding CVE-2023-40044

A pre-authenticated attacker can exploit a .NET deserialization vulnerability within the Ad Hoc Transfer module in WS_FTP Server versions prior to 8.7.4 and 8.8.2. This could result in remote commands being executed on the underlying WS_FTP Server operating system.

CVE-2023-40044 was discovered and reported by security researchers Shubham Shah and Sean Yeoh, highlighting the necessity of a strong cybersecurity community working together to secure systems and data.

Other Identified Flaws

Progress Software has taken rapid action by releasing hotfixes for these flaws. Besides the critical deserialization bug, several additional vulnerabilities have been identified, all impacting WS_FTP Server versions prior to 8.8.2. These vulnerabilities include:

  1. CVE-2023-42657 (CVSS score: 9.9) – This is a directory traversal vulnerability that could be exploited for unauthorized file operations.
  2. CVE-2023-40045 (CVSS score: 8.3) – This is a reflected cross-site scripting (XSS) vulnerability within the WS_FTP Server’s Ad Hoc Transfer module, enabling the execution of arbitrary JavaScript within the victim’s browser.
  3. CVE-2023-40047 (CVSS score: 8.3) – This is a stored cross-site scripting (XSS) vulnerability in the WS_FTP Server’s Management module, which could be exploited by an attacker with admin privileges to inject malicious SSL certificates with XSS payloads.
  4. CVE-2023-40046 (CVSS score: 8.2) – This is an SQL injection vulnerability in the WS_FTP Server manager interface, potentially leading to unauthorized access and modification of database contents.
  5. CVE-2023-40048 (CVSS score: 6.8) – This is a cross-site request forgery (CSRF) vulnerability in the WS_FTP Server Manager interface, which could enable attackers to perform malicious actions on behalf of authenticated users.
  6. CVE-2022-27665 (CVSS score: 6.1) – This is a reflected cross-site scripting (XSS) vulnerability in Progress Ipswitch WS_FTP Server 8.6.0, allowing the execution of malicious code on client-side systems.
  7. CVE-2023-40049 (CVSS score: 5.3) – This is an authentication bypass vulnerability that permits users to enumerate files under the ‘WebServiceHost’ directory listing.
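A defender's first question is which installed versions still need which hotfix. The script below is an added example, not code from the TuxCare article or from Progress: it triages a constructed host inventory against the fixed releases the page names, assuming CVE-2023-40044 is fixed at 8.7.4 and 8.8.2 in their own branches, that the seven other flaws are fixed only at 8.8.2 (the page says "prior to 8.8.2"), and that a branch newer than every fixed release is treated as fixed while an older branch with no fix is treated as vulnerable.

```python
# Added example (not from the TuxCare article or Progress): triage an inventory
# of WS_FTP Server versions against the fixed releases named on the page.
# Assumptions: CVE-2023-40044 is fixed at 8.7.4 and 8.8.2 (one per branch);
# the seven other flaws are treated as fixed only at 8.8.2; a branch newer than
# every fixed release counts as fixed, an older branch with no fix as vulnerable.
import re

FIXED_FOR_DESERIALIZATION = ((8, 7, 4), (8, 8, 2))   # CVE-2023-40044
FIXED_FOR_OTHER_FLAWS = ((8, 8, 2),)                # CVE-2023-42657 and the rest


def parse_version(text):
    """Turn '8.7.3' (optionally with a build suffix) into a tuple of ints."""
    m = re.match(r"\s*(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"unparseable version: {text!r}")
    return tuple(int(x or 0) for x in m.groups())


def is_fixed(version, fixed_releases):
    """Fixed if at or above the fix in its own major.minor branch, or in a
    branch newer than the newest fixed release; otherwise still vulnerable."""
    for fixed in fixed_releases:
        if version[:2] == fixed[:2]:
            return version >= fixed
    return version[:2] > max(fixed_releases)[:2]


def triage(version_text):
    """Report which of the two groups of flaws still apply to this version."""
    v = parse_version(version_text)
    return {
        "version": v,
        "cve_2023_40044": not is_fixed(v, FIXED_FOR_DESERIALIZATION),
        "other_flaws": not is_fixed(v, FIXED_FOR_OTHER_FLAWS),
    }


def triage_inventory(lines):
    """Map host -> triage result for 'host,version' inventory lines."""
    results = {}
    for line in lines:
        host, _, ver = line.partition(",")
        results[host.strip()] = triage(ver)
    return results


# Constructed sample inventory; the host names are not real systems.
SAMPLE_INVENTORY = ["ftp-a,8.6.0", "ftp-b,8.7.4", "ftp-c,8.8.1", "ftp-d,8.8.2"]

if __name__ == "__main__":
    for host, result in triage_inventory(SAMPLE_INVENTORY).items():
        print(host, result)
```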

Ransomware Threats Loom

Given the recent increase in ransomware attacks against Progress Software’s products, particularly the MOVEit Transfer secure file transfer platform, customers must act quickly to protect their computers. According to Emsisoft, these assaults have affected over 2,100 organizations and over 62 million people.

Cybersecurity Firm Rapid7’s Warning

Rapid7 has discovered many instances of WS_FTP exploitation in the field. This shows that opportunistic attackers are actively exploiting these flaws. Users are strongly advised to implement the offered fixes as soon as possible.

According to Assetnote’s advisory for CVE-2023-40044, this vulnerability is a typical .NET deserialization flaw that can lead to remote code execution. It’s surprising that such a serious security problem has gone undetected for so long, especially because most versions of WS_FTP are vulnerable.

Conclusion

Vigilance and quick response are critical in cybersecurity to protect sensitive data and systems. Progress's rapid response to software flaws ensures that critical vulnerabilities are swiftly resolved with the latest hotfixes. Users are strongly advised to apply the offered hotfixes as soon as possible in order to safeguard their systems against potential dangers.

Enhancing software security with Progress hotfixes stresses the importance of effectively addressing these software vulnerabilities. In an age when cyberattacks are growing more sophisticated, proactive security measures are critical to ensuring business continuity and data integrity.

The sources for this piece include articles in The Hacker News and Security Week.
