Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks

2 weeks ago AndyC

Apr 20, 2024NewsroomVulnerability / Endpoint Security

Users of the CrushFTP enterprise file transfer software are being urged to update to the latest version following the discovery of a security flaw that has come under targeted exploitation in t

Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks

Apr 20, 2024NewsroomVulnerability / Endpoint Security

Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks

Users of the CrushFTP enterprise file transfer software are being urged to update to the latest version following the discovery of a security flaw that has come under targeted exploitation in the wild.

“CrushFTP v11 versions below 11.1 have a vulnerability where users can escape their VFS and download system files,” CrushFTP said in an advisory released Friday. “This has been patched in v11.1.0.”

That said, customers who are operating their CrushFTP instances within a DMZ (demilitarized zone) restricted environment are protected against the attacks.

Cybersecurity

Simon Garrelou of Airbus CERT has been credited with discovering and reporting the flaw. It has yet to be assigned a CVE identifier.

Cybersecurity company CrowdStrike, in a post shared on Reddit, said it has observed an exploit for the flaw being used in the wild in a “targeted fashion.”

CrushFTP Zero-Day Flaw

These intrusions are said to have mainly targeted U.S. entities, with the intelligence gathering activity suspected to be politically motivated.

“CrushFTP users should continue to follow the vendor’s website for the most up-to-date instructions and prioritize patching,” CrowdStrike said.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts

Tags: , , , , , , , , ,

More Stories

Google Announces Passkeys Adopted by Over 400 Million Accounts

Google Announces Passkeys Adopted by Over 400 Million Accounts

2 hours ago AndyC
Four Critical Vulnerabilities Expose HPE Aruba Devices to RCE Attacks

Four Critical Vulnerabilities Expose HPE Aruba Devices to RCE Attacks

2 hours ago AndyC
Popular Android Apps Like Xiaomi, WPS Office Vulnerable to File Overwrite Flaw

Popular Android Apps Like Xiaomi, WPS Office Vulnerable to File Overwrite Flaw

14 hours ago AndyC
Ukrainian REvil Hacker Sentenced to 13 Years and Ordered to Pay Million

Ukrainian REvil Hacker Sentenced to 13 Years and Ordered to Pay $16 Million

20 hours ago AndyC
When is One Vulnerability Scanner Not Enough?

When is One Vulnerability Scanner Not Enough?

20 hours ago AndyC
Dropbox Discloses Breach of Digital Signature Service Affecting All Users

Dropbox Discloses Breach of Digital Signature Service Affecting All Users

20 hours ago AndyC

You may have missed

UniSuper points finger at Google Cloud for lengthy service outage

UniSuper points finger at Google Cloud for lengthy service outage

1 hour ago AndyC
Cybersixgill launches third-party module to tackle cybersecurity risks

Cybersixgill launches third-party module to tackle cybersecurity risks

1 hour ago AndyC
Pathzero secures SOC 2 Type 1 compliance for enhanced cybersecurity

Pathzero secures SOC 2 Type 1 compliance for enhanced cybersecurity

1 hour ago AndyC
Google Announces Passkeys Adopted by Over 400 Million Accounts

Google Announces Passkeys Adopted by Over 400 Million Accounts

2 hours ago AndyC
Four Critical Vulnerabilities Expose HPE Aruba Devices to RCE Attacks

Four Critical Vulnerabilities Expose HPE Aruba Devices to RCE Attacks

2 hours ago AndyC

Subscribe To InfoSec Today News

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

World Wide Crypto will use the information you provide on this form to be in touch with you and to provide updates and marketing.