CrushFTP Patches Exploited Zero-Day Vulnerability

April 22, 2024 at 09:33AM

CrushFTP issued patches for a zero-day vulnerability affecting versions 9, 10, and 11. The flaw could allow an unauthenticated attacker to access system files. DMZ server users are protected. Versions 10.71 and 11.1.0 contain the patch. Customers on version 9 should upgrade. The vulnerability has been exploited in the wild, and cybersecurity firm CrowdStrike reports targeted attacks against US entities.

Here are the key takeaways:

– CrushFTP released patches for a zero-day vulnerability in its file transfer server, impacting versions 9, 10, and 11.
– The vulnerability allows unauthenticated attackers to escape the virtual file system and retrieve system files, but customers using a DMZ server are protected.
– Patches were included in CrushFTP versions 10.71 and 11.1.0. Customers using version 9 should upgrade to a patched release.
– Customers are advised to apply the available patches immediately because the flaw is being exploited in the wild.
– The vulnerability was discovered and reported by Simon Garrelou of Airbus CERT.
– Cybersecurity firm CrowdStrike noted that the vulnerability had been exploited in a targeted fashion, mainly against US entities, possibly for intelligence gathering or political motives.
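The takeaways above give a defender everything needed for a quick inventory triage: the affected major versions (9, 10, 11) and the first patched release on each branch (10.71 and 11.1.0, with no fix on the 9 branch). The script below is an added example, not code from CrushFTP or the article; it parses dotted version strings, compares them against those thresholds, and lists hosts that still need attention. The host names and version strings in it are constructed sample data.

```python
"""
Triage helper for the CrushFTP advisory summarised above.

Thresholds come from the advisory as summarised: the fix shipped in
10.71 and 11.1.0, and version 9 received no fix (upgrade required).
Everything else in this file (host names, version samples) is constructed.
"""
from typing import List, Optional, Tuple

# First patched release per affected major version.
# None means the branch has no fixed release and must be upgraded.
PATCHED_RELEASE: dict = {
    9: None,
    10: (10, 71),
    11: (11, 1, 0),
}


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '11.1.0' into (11, 1, 0); tolerates a leading 'v' and whitespace."""
    cleaned = text.strip().lstrip("vV")
    parts = cleaned.split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unparseable version string: {text!r}")
    return tuple(int(p) for p in parts)


def compare(a: Tuple[int, ...], b: Tuple[int, ...]) -> int:
    """Return -1, 0 or 1; shorter tuples are zero-padded so (10, 71) == (10, 71, 0)."""
    n = max(len(a), len(b))
    a = a + (0,) * (n - len(a))
    b = b + (0,) * (n - len(b))
    return (a > b) - (a < b)


def assess(version_text: str) -> str:
    """
    Classify a version string as:
      'patched'     - at or above the first fixed release on its branch
      'vulnerable'  - an affected branch below the fixed release (or version 9)
      'not-covered' - a major version the advisory does not mention; review manually
    """
    v = parse_version(version_text)
    major = v[0]
    if major not in PATCHED_RELEASE:
        return "not-covered"
    fixed = PATCHED_RELEASE[major]
    if fixed is None:
        return "vulnerable"  # version 9 branch: upgrade to a patched release
    return "patched" if compare(v, fixed) >= 0 else "vulnerable"


def triage(inventory: List[Tuple[str, str]]) -> List[Tuple[str, str, str]]:
    """Return (host, version, status) for every record that is not confirmed patched."""
    results = []
    for host, ver in inventory:
        status = assess(ver)
        if status != "patched":
            results.append((host, ver, status))
    return results


# Constructed sample inventory; these are not real hosts or observed versions.
SAMPLE_INVENTORY = [
    ("ftp-01.example.internal", "10.70"),
    ("ftp-02.example.internal", "10.71"),
    ("ftp-03.example.internal", "11.0.5"),
    ("ftp-04.example.internal", "v11.1.0"),
    ("ftp-legacy.example.internal", "9.4"),
]

if __name__ == "__main__":
    for host, ver, status in triage(SAMPLE_INVENTORY):
        print(f"{host:30} {ver:10} {status}")
```

The check trusts the version string an inventory or banner reports; it does not tell you whether a host sits behind a DMZ server, which the advisory says shields customers, so treat "vulnerable" as "confirm and patch" rather than "confirmed exposed". Unknown major versions are deliberately surfaced as `not-covered` instead of being silently assumed safe.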
