We take security very seriously here at ShareFile. Prior to the CVE release, we had patched, validated, and ran extensive testing against the product to validate it’s secure. Protecting our customers’ data is a cornerstone of our products.
We worked with and notified impacted customers in advance of the announced CVE to update to the latest version of our software to assure the safety of their data. Our control plane is no longer connected to any ShareFile StorageZones Controller (SZC) that is not patched. We want to remind our customers that they should make sure that they fully shutdown any machine that was running an older version of the SZC software and that has been disconnected from the ShareFile control plane.
If you have additional questions or need help, please contact ShareFile support.