Network Security, Vulnerability Management, Endpoint/Device Security

Intrusions exploiting critical CrushFTP zero-day underway

Cloud technology and Data storage concept, Concept of Exchange information and data with internet cloud technology. FTP(File Transfer Protocol) files receiver.

Vulnerable CrushFTP file transfer server software instances impacted by a critical virtual file system escape zero-day have been subjected to ongoing targeted attacks that could enable the download of system files, Security Affairs reports.

Such intrusions leveraging the flaw, which was discovered by Airbus CERT's Simon Garrelou, have already been identified by CrowdStrike's Falcon OverWatch and Falcon Intelligence threat intelligence offerings, said CrowdStrike in a Reddit post.

Meanwhile, fixes for the issue have already been issued by CrushFTP in v11.1.0 of the software that enables file transfers through FTP, HTTP, SFTP, FTPS, WebDAV, and WebDAV SSL protocols.

"CrushFTP v11 versions below 11.1 have a vulnerability where users can escape their VFS and download system files… Customers using a DMZ in front of their main CrushFTP instance are protected with its protocol translation system it utilizes," said CrushFTP, which also offers automation, user management, scripting, and customization support to organizations.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.