Since 12 January 2021, the ACSC has been working with cyber security partners to assist Australian organisations in relation to an SQL injection vulnerability in the Accellion File Transfer Appliance (FTA). If exploited, this vulnerability may provide an attacker with access to content stored on, and accessible by, the FTA instance.
If your organisation is impacted by the Accellion FTA vulnerability, the ACSC’s recommendations are:
Temporarily isolate or block internet access to and from systems hosting the FTA.
Review the joint United States, United Kingdom, Australia, New Zealand and Singapore advisory available at CISA and examine the FTA using the included indicators of compromise.
If indicators of compromise are identified, the ACSC strongly recommends impacted organisations report the incident to the ACSC via 1300 CYBER1.
If no indicators of compromise are identified, follow Accellion’s advice to apply security patches as soon as possible. Given that FTA is regarded as a legacy product by Accellion, organisations using FTA should migrate to currently supported products.
Additional information and supporting tools
Information regarding FTA and the associated vulnerability is available at the Accellion website.
The ACSC encourages all organisations to continually assess and apply the Essential Eight strategies to protect their systems.
The ACSC is monitoring the situation and is able to provide assistance and advice as required. Organisations that have been impacted can contact the ACSC via 1300 CYBER1.