Ransomware groups are attacking unpatched versions of a popular IBM file transfer software. IBM Aspera Faspex is a widely used enterprise file-exchange application that securely and quickly moves large files across an organization. The flaw is reportedly being used to sidestep authentication and remotely exploit code. Multiple ransomware groups are using this vulnerability. Security experts are urging users to take the application offline until they are able to fully patch the product across their enterprise.
According to Data Breach Today, while the flaw was patched in December, IBM didn't appear to have immediately detailed the vulnerability - one of many - fixed in that update. In a January 26 security alert, IBM said that the flaw, designated CVE-2022-47986 and given a base CVSS score of 9.8, "could allow a remote attacker to execute arbitrary code on the system … by sending a specially crafted obsolete API call." Malicious activity tracking group Shadowserver on Feb.13 warned that it was seeing active, in-the-wild attempts to exploit CVE-2022-47986 in vulnerable versions of Aspera Faspex.
After being informed of the vulnerability the Adaptiva team quickly added the newly available IBM Aspera patch to its library. Clients are now able to easily patch this vulnerability across their entire endpoint network. OneSite Patch already boasts an impressive library of Metadata with nearly 600 applications and growing, this event represents a great example of how flexible and fast our team is able to respond to the most urgent needs.
The need for patching is not new, Adaptiva in partnership with Ponemon Institute recently released The State of Patch Management in the Digital Workplace Report and found that on average organizations manage at least 2,990 applications across all devices, and more than half of these applications are not up-to-date and therefore non-compliant.
We recently launched OneSite Patch which is a game-changing solution for patching applications. It eliminates the need for manual intervention and pseudo-automation techniques, providing truly automated patch management at enterprise scale. So, when events like this occur organizations are able to quickly react and stay ahead of the bad actors who are actively attacking.
Patching is one of IT’s most manual time-consuming tasks with OneSite Patch organizations are able to automate the entire patching process from the initial discovery and testing of the patch – in this case IBM Aspera to the successful enterprise-wide deployment.
OneSite Patch rides on the Adaptiva OneSite Platform meaning it is not reliant on SCCM/Intune or any other WSUs but can significantly improve their content distribution performance. So, in times like these when every day, hour and minute count organizations can quickly push out critical updates and ensure enterprise-wide installation without affecting the network or their end users.
If you are struggling to patch Aspera against this vulnerability or if you’re still manually patching applications across your environment, get in touch and you’ll never patch applications the same again.
