CVE-2021-27102 Accellion CVE debrief

Who should care

Organizations that operate Accellion FTA, along with security and IT teams responsible for patching, monitoring, and retiring file transfer systems, should treat this as urgent.

Technical summary

The CVE is described as an OS command injection issue in Accellion FTA. The supplied authoritative sources identify it as a known exploited vulnerability and note known ransomware campaign use. The documented defensive action is to apply updates per vendor instructions.

Defensive priority

Urgent. CISA lists this CVE in KEV, with a remediation due date of 2021-11-17, and the entry notes known ransomware campaign use.

Recommended defensive actions

• Apply updates per vendor instructions.
• Prioritize identification of any Accellion FTA instances in your environment.
• Review exposure and monitoring for systems using Accellion FTA.
• Use the CISA KEV due date as the remediation target and escalate if patching is not immediately possible.

Evidence notes

All statements are based on the supplied CISA KEV source item and the linked official records. The source metadata names the vulnerability as 'Accellion FTA OS Command Injection Vulnerability,' lists 'knownRansomwareCampaignUse' as 'Known,' and records 'requiredAction' as 'Apply updates per vendor instructions.' CVE and source published/modified dates supplied for this record are 2021-11-03.

Official resources