Particle.news

Progress Orders ShareFile Customers to Power Down Internet-Facing Storage Zone Controllers

Progress disabled cloud access for hybrid accounts to protect data during an investigation of a credible external security threat.

Overview

  • Progress sent an urgent customer email the evening of July 10 instructing administrators to immediately shut down internet-facing Windows servers that host ShareFile Storage Zone Controllers.
  • The company has temporarily disabled cloud-side access for accounts that use on-prem Storage Zone Controllers and says it is working with internal and external security experts to investigate the threat.
  • Progress reports no indication so far of unauthorized access to ShareFile accounts or data but has not disclosed technical details, affected versions, or a timeline for restoring service.
  • Storage Zone Controllers sit at the network edge and route customer file traffic between on-prem storage and the ShareFile cloud, which makes internet-facing controllers high-value targets and explains the manual shutdown instruction.
  • The move echoes a 2023 exploitation of an unauthenticated remote code execution flaw in the controller (CVE-2023-24489) and security experts warn roughly 3,000 internet-facing controllers could create a large potential blast radius if an exploit is active.