Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks

April 20, 2024 at 01:57AM

Users of CrushFTP are urged to update to version 11.1 following the discovery of a security flaw that is being exploited. Customers running CrushFTP in a restricted DMZ environment are protected. The vulnerability, discovered by Simon Garrelou, allows users to download system files. CrowdStrike observed targeted exploitation in the wild, mainly against U.S. entities, and suspects the campaign is politically motivated.

Users of the CrushFTP enterprise file transfer software are advised to update to the latest version (v11.1.0) because of a security flaw that is being exploited in targeted attacks. Cybersecurity company CrowdStrike reported that it has observed exploitation of the flaw in the wild, mainly against U.S. entities, and suspects the activity is politically motivated. Customers operating CrushFTP instances within a restricted DMZ environment are protected against these attacks. Simon Garrelou of Airbus CERT is credited with discovering and reporting the flaw, which has not yet been assigned a CVE identifier. CrowdStrike advises CrushFTP users to prioritize patching and to follow the vendor's website for the most up-to-date instructions.