by | 7 Sep 2015

Critical Vulnerability in Magento eCommerce Platform

The Magento team has released a patch for a critical vulnerability (SUPEE-5344) that allows an attacker to obtain a remote shell as the root account (RCE – Remote Command Execution). The hotfix has been available for two months, but more than 50% of eCommerce sites running Magento are still vulnerable to the Shoplift bug. This article explains how critical this vulnerability is and gives a quick method to find out whether you are vulnerable.

eCommerce sites are vulnerable to the Shoplift bug

Despite the availability of the security patch, a survey on April 14th revealed that 60% of Magento installations had not yet applied it. This means that the data of thousands of customers, including their personal details and their digital identities, is exposed. The impact of this vulnerability on compromised Magento sites can be catastrophic, as we pointed out in the article “The impacts of an eCommerce hacked website“. For example, eCommerce sites like 3M and Gitem are currently vulnerable to the Shoplift bug.

Why an alert on the Shoplift bug (SUPEE-5344)?

Shoplift is a critical vulnerability that allows an attacker to execute any command on a server and take full remote control of an online store. Obtaining rights on the server allows attackers to perform malicious acts such as stealing the entire database, injecting malware or defacing the site. Your liability as site operator is at stake.

All the information on this vulnerability will be published on the Check Point blog in a few days. Once the details of this vulnerability are published, multiple attacks on Magento-based eCommerce sites are expected.

How do I know if my eCommerce is vulnerable?

To check whether your Magento website is vulnerable to the SUPEE-5344 bug, a free Shoplift bug tester has been released. If the vulnerability is detected on your Magento website, you need to patch it immediately by visiting the Magento Community Edition Patches page.
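As a complement to the online tester, a local check of the patch log can be run directly on the server. The script below is an added example, not code from the article, from Magento or from the tester; it assumes that Magento 1.x records every patch applied with its `.sh` patch scripts in `app/etc/applied.patches.list`, one pipe-separated line per apply or revert event, with the patch name in the second field and the token `REVERTED` on lines that undo an earlier application. The sample log is constructed.

```python
"""Local check: has SUPEE-5344 been applied (and not reverted) on this Magento 1.x install?

Assumed log format (app/etc/applied.patches.list):
  <timestamp> | <patch name> | <edition_version> | <patch version> | ... [| REVERTED]
Continuation lines (lists of patched files) have no pipe fields and are skipped.
"""
from pathlib import Path

PATCH_ID = "SUPEE-5344"

# Constructed sample: an older patch, then SUPEE-5344 applied, then reverted again.
SAMPLE_LOG = """\
2015-02-12 10:03:41 UTC | SUPEE-1533 | CE_1.9.1.0 | v1 | 0f3c1a2 | Thu Feb 5 2015 | v1.9.1.0..HEAD |
  patching file app/code/core/Mage/Core/Model/App.php
2015-05-04 08:15:02 UTC | SUPEE-5344 | CE_1.9.1.0 | v1 | 9a7e4b1 | Fri Feb 6 2015 | v1.9.1.0..HEAD |
2015-05-04 09:00:17 UTC | SUPEE-5344 | CE_1.9.1.0 | v1 | 9a7e4b1 | Fri Feb 6 2015 | v1.9.1.0..HEAD | REVERTED
"""


def patch_events(log_text):
    """Yield (patch_name, reverted) for each apply/revert line, in file order."""
    for line in log_text.splitlines():
        fields = [f.strip() for f in line.split("|")]
        if len(fields) < 2 or not fields[1]:
            continue  # continuation line or blank: no patch name in field 2
        reverted = any(f.upper() == "REVERTED" for f in fields[2:])
        yield fields[1], reverted


def patch_state(log_text, patch_id=PATCH_ID):
    """Return 'applied', 'reverted' or 'missing'; the last event for the patch wins."""
    state = "missing"
    for name, reverted in patch_events(log_text):
        if name == patch_id:
            state = "reverted" if reverted else "applied"
    return state


def check_magento_root(root, patch_id=PATCH_ID):
    """Read the patch log under a Magento root; a missing log counts as unpatched."""
    log_path = Path(root) / "app" / "etc" / "applied.patches.list"
    if not log_path.is_file():
        return "missing"
    return patch_state(log_path.read_text(errors="replace"), patch_id)


if __name__ == "__main__":
    import sys
    root = sys.argv[1] if len(sys.argv) > 1 else "."
    print(f"{PATCH_ID}: {check_magento_root(root)}")
```

Anything other than `applied` means the store should be treated as vulnerable until the official patch is installed and confirmed.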

If you cannot apply the security patch immediately, it is highly recommended to use an effective cyber security solution. OZON can be activated in a minute; its virtual patching automatically reduces the attack surface of your site even while uncorrected vulnerabilities are still present.