CISA Known Exploited Vulnerability
This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.
Remediation Deadline: Oct 26, 2023
High
CISA KEVRansomwareCVE-2023-40044
Progress—WS_FTP Server
Progress WS_FTP Server contains a deserialization of untrusted data vulnerability in the Ad Hoc Transfer module that allows an authenticated attacker to execute remote commands on the underlying operating system.
Required Action
https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023; https://nvd.nist.gov/vuln/detail/CVE-2023-40044
Vulnerability Overview
- Severity
- High
- CISA KEV
- Yes
- Ransomware
- Known
- Published
- Oct 5, 2023
- KEV Added
- Oct 5, 2023
- Due Date
- Oct 26, 2023
- Related Articles
- 0
Vendor
Progress
WS_FTP Server