{"id":14227,"date":"2026-07-11T10:03:44","date_gmt":"2026-07-11T10:03:44","guid":{"rendered":"https:\/\/serisec.com\/index.php\/2026\/07\/11\/progress-urges-sharefile-admins-to-shut-down-servers-over-credible-security-threat\/"},"modified":"2026-07-11T10:03:44","modified_gmt":"2026-07-11T10:03:44","slug":"progress-urges-sharefile-admins-to-shut-down-servers-over-credible-security-threat","status":"publish","type":"post","link":"https:\/\/serisec.com\/index.php\/2026\/07\/11\/progress-urges-sharefile-admins-to-shut-down-servers-over-credible-security-threat\/","title":{"rendered":"Progress Urges ShareFile Admins to Shut Down Servers Over Credible Security Threat"},"content":{"rendered":"<p>    Progress Urges ShareFile Admins to Shut Down Servers Over Credible Security Threat<br \/>\n \t<BR><br \/>\n<BR><\/BR><br \/>\n    <!-- no image --><br \/>\n \t<BR><br \/>\n<BR><\/BR><\/p>\n<div>\n<p class=\"wp-block-paragraph\">Progress Software has issued an urgent advisory instructing customers running on-premises ShareFile Storage Zone Controllers to immediately power down the servers hosting these components, citing a \u201ccredible external security threat\u201d against the platform.<\/p>\n<p class=\"wp-block-paragraph\">The notice, sent directly to customers\u2019 inboxes, states that Progress has no current indication of unauthorized access to ShareFile accounts or data, but is taking the drastic step as a precaution while it works with internal and external cybersecurity experts to assess the threat.<\/p>\n<p class=\"wp-block-paragraph\">The email tells administrators that Progress has already disabled account access through Storage Zone Controllers for all affected customers, and separately demands manual shutdown of the underlying servers as a \u201ccritical additional step\u201d to protect data.<\/p>\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgXMQRGEaFBDXHA1kla3zHba69ivBbqFSn3unpn49nbiZXbjaZS6KuvxFrYmB7IBuF2BW7mBDybMPROvVMYI8kgZVvuT48fnvPsjpW3g8pmzjl5lbZixRwkxiOxVUdBeA2b8YMaA2pR47X0Zvnrve0_MeQHoh4zjTLZoac7xeyaSeB7LDfhGjMouT1yZVrd\/s1600\/Progress%2520ShareFile%2520Admins%2520Shut%2520Down%2520Servers1.webp?ssl=1\" alt=\"Progress ShareFile Admins Shut Down Servers\"><figcaption class=\"wp-element-caption\">Progress Alert<\/figcaption><\/figure>\n<\/div>\n<p class=\"wp-block-paragraph\">Progress says it expects to share updates within 24 hours and has framed the move as an abundance-of-caution measure rather than confirmation of an active breach.<\/p>\n<p class=\"wp-block-paragraph\">The company has not publicly detailed the nature of the threat, leaving open the possibility that it relates to a new zero-day or renewed exploitation attempts against the Storage Zone Controller architecture.<\/p>\n<p class=\"wp-block-paragraph\">This is not the first security scare tied to ShareFile\u2019s customer-managed gateway. In April 2026, watchTowr Labs disclosed two chainable vulnerabilities in Storage Zone Controller: <a href=\"https:\/\/cybersecuritynews.com\/progress-sharefile-vulnerability\/\" target=\"_blank\" rel=\"noreferrer noopener\">CVE-2026-2699, an authentication bypass<\/a> with a CVSS score of 9.8, and CVE-2026-2701, a remote code execution flaw scoring 9.1.<\/p>\n<p class=\"wp-block-paragraph\">Chained together, the bugs allowed unauthenticated attackers to reach restricted configuration pages and upload malicious ASPX webshells to achieve full remote code execution without credentials.<\/p>\n<p class=\"wp-block-paragraph\">Shadowserver Foundation identified roughly 784 internet-exposed instances at the time, with the United States and Germany showing the widest exposure, while watchTowr\u2019s broader scan found nearly 30,000 visible instances. Progress patched the flaws in version 5.12.4, and the newer 6.x branch, built on .NET Core, was confirmed unaffected.<\/p>\n<p class=\"wp-block-paragraph\">Given the platform\u2019s history of critical pre-authentication RCE flaws, security teams should treat this new warning seriously even without technical details, isolating internet-facing Storage Zone Controller instances and monitoring for further guidance from Progress.<\/p>\n<p class=\"has-text-align-center has-background wp-block-paragraph\" style=\"background:linear-gradient(180deg,rgb(238,238,238) 87%,rgb(169,184,195) 100%)\"><strong>Stop Accepting SLAs Written for 2019 SOCs \u2013 Here\u2019s the 2026 AI SLA <strong>Vendor<\/strong> Checklist<\/strong> \u2013 <strong><a href=\"https:\/\/underdefense.com\/ai-soc-sla-in-2026-mttr-benchmarks-clause-tables-negotiation-checklist\/?utm_source=cybersecuritynews.com&amp;utm_medium=online_media&amp;utm_campaign=csn_linkedin_newsletter_aisoc_sla_july_2026\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Download Free <strong>AI SOC SLA <\/strong>Guide<\/a><\/strong><\/p>\n<p>The post <a href=\"https:\/\/cybersecuritynews.com\/progress-sharefile-admins-shut-down-servers\/\">Progress Urges ShareFile Admins to Shut Down Servers Over Credible Security Threat<\/a> appeared first on <a href=\"https:\/\/cybersecuritynews.com\/\">Cyber Security News<\/a>.<\/p>\n<\/div>\n<p> \t<BR><br \/>\n <BR><\/BR><br \/>\n    Guru Baran<br \/>\n \t<BR><br \/>\n<BR><\/BR><br \/>\n<a href=\"https:\/\/cybersecuritynews.com\/progress-sharefile-admins-shut-down-servers\/\">Go to cyber-security-news<\/a><br \/>\n \t<BR><br \/>\n <BR><\/BR><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Progress Urges ShareFile Admins to Shut Down Servers Over Credible Security Threat Progress Software has issued an urgent advisory instructing customers running on-premises ShareFile Storage Zone Controllers to immediately power down the servers hosting these components, citing a \u201ccredible external security threat\u201d against the platform. The notice, sent directly to customers\u2019 inboxes, states that Progress [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[129,63],"tags":[130],"class_list":["post-14227","post","type-post","status-publish","format-standard","hentry","category-cyber-security","category-cyber-security-news","tag-cyber-security-news"],"_links":{"self":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/14227"}],"collection":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/comments?post=14227"}],"version-history":[{"count":0,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/14227\/revisions"}],"wp:attachment":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/media?parent=14227"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/categories?post=14227"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/tags?post=14227"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}