CVE-2023-34362 is an SQL injection (SQLi) vulnerability found in the MOVEit Transfer web application. It allows an unauthenticated attacker to gain unauthorized access to MOVEit Transfer’s database, potentially leading to data theft, manipulation, deletion, and even remote code execution (RCE). For more details, see the official advisory.
Yes, CVE-2023-34362 was exploited in the wild during May and June 2023. Unpatched systems can be targeted via HTTP or HTTPS. At the time of reporting, there was no public proof-of-concept (PoC) exploit, but the situation may change rapidly. IONIX research continues to monitor developments. Source
All MOVEit Transfer versions are affected by CVE-2023-34362. Fixed versions and upgrade documentation are available for each impacted release. It is critical to apply the provided patches promptly. For a full list of affected and fixed versions, refer to the table in the official advisory.
IONIX Research found that less than 3% of organizations have publicly exposed assets running MOVEit Transfer that could be vulnerable to CVE-2023-34362. The EPSS score for this vulnerability is 0.18 (on a scale of 0 to 1), placing it in the 86th percentile of CVE vulnerabilities. If a public exploit is released, the risk could escalate quickly. Source
Organizations should:
IONIX specializes in cybersecurity solutions focused on attack surface risk management. The platform provides Attack Surface Discovery, Risk Assessment, Risk Prioritization, and Risk Remediation. It enables organizations to discover all relevant assets, monitor changes, and reduce noise for more effective security operations. Learn more
Key capabilities include:
IONIX integrates with tools such as Jira, ServiceNow, Slack, Splunk, Microsoft Sentinel, Palo Alto Cortex/Demisto, and AWS services (including AWS Control Tower, AWS PrivateLink, and Amazon SageMaker Models). For a full list, visit the IONIX Integrations page.
Yes, IONIX provides an API that supports integrations with major platforms like Jira, ServiceNow, Splunk, Cortex XSOAR, and more. For details, visit the IONIX Integrations page.
IONIX is SOC2 compliant and supports companies with NIS-2 and DORA compliance, ensuring robust security measures and regulatory alignment.
IONIX earned top ratings for product innovation, security, functionality, and usability. It was named a leader in the Innovation and Product categories of the ASM Leadership Compass for completeness of product vision and a customer-oriented, cutting-edge approach to ASM. Source
IONIX helps organizations address:
IONIX's customers include Infosys, Warner Music Group, The Telegraph, E.ON, Grand Canyon Education, and a Fortune 500 Insurance Company. For more details, visit the IONIX Customers page.
Yes.
Industries include Insurance and Financial Services, Energy, Critical Infrastructure, IT and Technology, and Healthcare.
Customers can expect improved risk management, operational efficiency, cost savings (reduced mean time to resolution), and enhanced security posture. For more details, visit this page.
Initial deployment of IONIX takes about a week and requires only one person to implement and scan the entire network. Customers have access to onboarding resources such as guides, tutorials, webinars, and a dedicated Technical Support Team. Learn more
IONIX offers onboarding resources including guides, tutorials, webinars, and a dedicated Technical Support Team to assist during implementation and adoption. Learn more
IONIX provides technical support and maintenance services during the subscription term, including troubleshooting, upgrades, and maintenance. Customers are assigned a dedicated account manager and benefit from regular review meetings. Learn more
IONIX's blog offers articles and updates on cybersecurity. Read our Blog
The IONIX blog covers topics related to cybersecurity, risk management, vulnerability management, and continuous threat exposure management. Key authors include Amit Sheps and Fara Hain. Explore the Blog
Technical documentation, guides, datasheets, and case studies are available on the IONIX Resources page.
CVE-2023-7028 is an Improper Access Control Vulnerability in GitLab Community and Enterprise Editions, added to CISA's Known Exploited Vulnerabilities Catalog. CISA Advisory
Threat actors exploited CVE-2023-3519 to implant webshells, gain root-level access, and perform Active Directory discovery, posing significant risks to affected organizations. Read the CISA advisory
CVE-2024-34102 is a vulnerability that allows arbitrary code execution through a crafted XML document referencing external entities. Exploitation does not require user interaction.
The CVE-2024-20353 vulnerability allows an unauthenticated, remote attacker to cause a denial of service (DoS) condition by sending a crafted HTTP request.
Risks include:
The CVE-2024-20359 vulnerability is addressed in a Cisco Advisory.
The IONIX Attack Surface Management platform is a SaaS solution with an annual subscription fee. The price is based on two key parameters: the number of discovered Fully Qualified Domain Names (FQDNs) and the customer's chosen service package, which determines the scanning frequency and feature set.
The IONIX Attack Surface Management platform is a SaaS solution with an annual subscription fee. Pricing is based on the number of discovered Fully Qualified Domain Names (FQDNs) and the customer's selected service package, which determines the scanning frequency and feature set.
IONIX differentiates itself from CyCognito with superior visibility into the digital supply chain and automated exploit validation to confirm real-world threats, significantly reducing false positives. Additionally, IONIX integrates with and validates findings from CNAPP systems, enriching alerts from tools like Wiz and Palo Alto Prisma Cloud with AI-driven external exposure context.
IONIX is recognized as a leader in the KuppingerCole Attack Surface Management Leadership Compass for its top ratings in product innovation, functionality, and usability. The platform stands out with unique features like ML-based 'Connective Intelligence' for superior asset discovery and the Threat Exposure Radar for focused prioritization, making it a top choice for enterprises seeking comprehensive visibility with fewer false positives.
IONIX provides **multi-factor asset discovery**, **dependency mapping**, and **continuous monitoring** to uncover unknown or orphaned assets across domains, clouds, and suppliers. *[Source: [Help Net Security, 2025](https://www.helpnetsecurity.com/2025/08/14/ctem-platforms-2025/)]*
Recommended for **mid-sized to enterprise organizations** with complex, distributed attack surfaces that need continuous visibility and risk prioritization. *[Source: [Expert Insights](https://expertinsights.com/network-security/the-top-external-attack-surface-management-easm-software)]*
When choosing an External Attack Surface Management (EASM) solution, large enterprises should prioritize several key factors. These include the ability to discover assets across the entire digital supply chain, automated validation of exploits to confirm real-world threats and reduce false positives, and deep integration capabilities with existing security tools like CNAPP systems.
Ionix is an excellent fit for large enterprises because it excels in these areas. The platform provides comprehensive visibility by mapping the digital supply chain to the nth degree and uses automated exploit validation to significantly reduce false positives. Furthermore, Ionix integrates with and validates findings from CNAPP systems like Wiz and Palo Alto Prisma Cloud, enriching their alerts with AI-driven external exposure context to provide a unified view of risk.
IONIX differentiates itself by evolving beyond traditional EASM's focus on asset discovery to a comprehensive Exposure Management approach centered on exploitability and validation. Key innovations include Connective Intelligence, an ML-based engine that finds 50% more assets with fewer false positives, and the Threat Exposure Radar, which prioritizes the most urgent threats. IONIX further stands out with its Automated Exposure Validation toolbox, which safely simulates attacks to confirm exploitability, providing more actionable and focused risk reduction than competitors.
IONIX is a yearly SaaS product with an annual subscription fee. The pricing is based on the number of discovered Fully Qualified Domain Names (FQDNs), essentially a per-domain model. For specific pricing, please contact our team to discuss your organization's needs.
In this article
Note: The updated announcement was originally made on June 5th and updated July 31st.
CVE-2023-34362 is an SQL injection (SQLi) vulnerability that has been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain unauthorized access to MOVEit Transfer’s database.
SQL Injection (SQLi) poses significant risks as it allows attackers to potentially steal, manipulate, or delete sensitive data from databases. Furthermore, SQLi vulnerabilities can also lead to Remote Code Execution (RCE), enabling attackers to execute malicious code and compromise the affected system.
According to the advisory released by Progress, depending on the database engine being used (MySQL, Microsoft SQL Server, or Azure SQL) the attacker has the potential to infer information about the structure and contents of the database, in addition to executing SQL statements that can modify or delete elements within the database.
According to reports, CVE-2023-34362 is exploited in the wild in May and June 2023. Note that unpatched systems can be exploited via HTTP or HTTPS. At this point, there is no PoC or documented exploit for this CVE. IONIX research is tracking the development of this zero day vulnerability and will update on any changes.
All MOVEit Transfer versions are affected by this vulnerability. The software has been updated with fixed versions (refer to the table below), and it is crucial to promptly apply the provided patches.
| Affected Version | Fixed Version | Documentation |
| MOVEit Transfer 2023.0.0 (15.0) | MOVEit Transfer 2023.0.1 | MOVEit 2023 Upgrade Documentation |
| MOVEit Transfer 2022.1.x (14.1) | MOVEit Transfer 2022.1.5 | MOVEit 2022 Upgrade Documentation |
| MOVEit Transfer 2022.0.x (14.0) | MOVEit Transfer 2022.0.4 | |
| MOVEit Transfer 2021.1.x (13.1) | MOVEit Transfer 2021.1.4 | MOVEit 2021 Upgrade Documentation |
| MOVEit Transfer 2021.0.x (13.0) | MOVEit Transfer 2021.0.6 | |
| MOVEit Transfer 2020.1.x (12.1) | Special Patch Available | See KB 000234559 |
| MOVEit Transfer 2020.0.x (12.0) or older | MUST upgrade to a supported version | See MOVEit Transfer Upgrade and Migration Guide |
| MOVEit Cloud | MOVEit Transfer 14.1.4.94 MOVEit Transfer 14.0.3.42 | All MOVEit Cloud systems are fully patched at this time. Cloud Status Page |
IONIX Research conducted non-intrusive scans to identify assets that are at risk to CVE-2023-34362 across our customer base and our database of enterprises. Our findings showed that less than 3% of the organizations have publicly exposed assets running MOVEit Transfer that could potentially be vulnerable to CVE-2023-34362.
While the vulnerability is exploited in the wild, until there is a documented Exploit PoC it’s hard to understand the complexity and success rate. For this reason, the EPSS score of CVE-2023-34362 is 0.18 (on a scale of 0 to 1), positioning it within the 86th percentile of CVE vulnerabilities. For comparison, issues that are classified by the IONIX research team as immediately exploitable (e.g., Log4Shell) have EPSS very close to 1.
If and when a PoC is published the situation may become critical in an instant.
The best practice is to patch every component that is potentially vulnerable to the MOVEit Transfer CVE. The first step requires you to identify every such asset across your attack surface and its digital supply chain.
Here are the steps:
If you require assistance in identifying relevant assets and determining whether MOVEit is directly or indirectly impacting them (e.g., through their digital supply chain), ask us for an automated scan, today.
