Skip to main content
Zero Days & Vulns

Accellion FTA zero-day vulnerabilities 

By 19 février 2021mai 4th, 2021No Comments

Four zero-day vulnerabilities were detected  in Accellion’s File Transfer Appliance. Many offensive groups are targeting and exploiting actively those vulnerabilities.

The vulnerabilities have been undercovered in december 2020 and the other two in January 2021 :

  • CVE-2021-27101 which allows for SQL injection 
  • CVE-2021-27104 enabling the attacker to perform command injection.
  • CVE-2021-27102 also enabling command injection 
  • CVE-2021-27103 is an SSRF vulnerability 


Accellion strongly recommends its customers to migrate and use their new firewall content platform Kiteworks

The actors behind the cyberattacks remain unidentified as of today. However Mandiant is actively monitoring the potential connections and overlaps between UNC2546, the label for the perpetrator of this attack and other adversaries FIN11 and UNC2582. 

For more information, refer to Accellion FTA end of life statement and migration support proposal, as well as Mandiant’s report and FireEye’s research on the threat
Sources : FireEye, Accellion, Bleeping Computer, Qualys, LeMagIT