Threat Intelligence Notification – MOVEit

June 2023

On 31st May, 2023 Progress Software Corporation announced of a zero-day SQL injection vulnerability (CVE-2023- 34362) in the MOVEit Transfer secure managed file transfer software that could allow an unauthenticated attacker to gain access to MOVEit Transfer’s database.

SFL confirms that it is not impacted by the MOVEit Transfer secure managed file transfer software.

SFLs file transfer services are monitored for such issues and have an added layer of protection through the use of white-listing to ensure only known endpoints are allowed to connect.

If you have any queries regarding the above please do not hesitate to contact us via support@sfl.co.uk