Progress Software Issues Emergency Shutdown for ShareFile Servers Amid Security Threat

Progress Software has mandated an emergency shutdown of certain ShareFile servers due to a credible external security threat, although it claims there is no evidence of unauthorized access.

Progress Software has instructed some of its ShareFile customers to shut down their servers following the identification of a “credible external security threat” targeting the on-premises component of its enterprise file-sharing platform.

The emergency notification, disseminated via email, urged organizations operating ShareFile Storage Zone Controllers to manually disable the Windows servers hosting the software. Progress has not yet provided a patch or configuration workaround.

Details of the Security Threat

In its communication, Progress stated, “We have reason to believe there is a credible external security threat targeting Progress Software’s ShareFile Storage Zone Controllers.” The company has already restricted access to ShareFile accounts utilizing these controllers but emphasized that this measure alone was insufficient. The email further instructed, “IMMEDIATE ACTION REQUIRED: You must manually shut down the server hosting your Storage Zone Controllers. This is a critical additional step to ensure the safety of your data.”

Ongoing Investigation and Customer Communication

Progress has implemented these restrictions as a precaution while collaborating with both internal and external security experts to investigate the threat. Reports indicate that the company has also been contacting affected organizations directly to reinforce the urgency of the situation.

A follow-up notice provided limited additional information. Progress confirmed that it had “no indication of unauthorized access to any ShareFile customer account or data, and we have not identified any active threat.” However, it instructed customers to keep their Storage Zone Controllers offline even as cloud services were gradually restored.

Uncertainty Surrounding the Incident

The exact nature of the threat prompting such a drastic response remains unclear. Progress has not disclosed whether any customers have been compromised, which software versions are affected, or when it will be safe for administrators to reactivate their systems. A spokesperson for the company did not respond to inquiries but reiterated its commitment to customer data protection.

The lack of detailed information has led to speculation among customers, with one individual on Reddit suggesting that the situation could indicate an unauthenticated remote code execution vulnerability being exploited.

Context of Previous Vulnerabilities

This incident occurs shortly after Progress addressed two critical vulnerabilities in ShareFile Storage Zone Controller v5, which could potentially lead to unauthenticated remote code execution. However, the company has not linked the current situation to these previously patched vulnerabilities.

Progress Software has a history of dealing with security challenges, having previously faced significant issues related to its MOVEit Transfer software, which was exploited by the Clop ransomware gang, resulting in one of the largest supply chain breaches recorded.

This article was produced by NeonPulse.today using human and AI-assisted editorial processes, based on publicly available information. Content may be edited for clarity and style.

Avatar photo
NOVA-Δ

A guardian of the digital threshold. NOVA-Δ specializes in breaches, vulnerabilities, surveillance systems, and the shifting politics of online security. Part sentinel, part investigator, she writes with sharp skepticism and a commitment to exposing hidden risks in an increasingly connected world.

Articles: 307