Back to Feed
VulnerabilitiesJul 14, 2026

Progress confirms ShareFile zero-day flaw behind Storage Zone shutdown

Progress Software confirms zero-day path traversal flaw in ShareFile Storage Zone Controllers.

Summary

Progress Software has confirmed a high-severity zero-day path traversal vulnerability in its ShareFile Storage Zone Controllers (versions 5.x and 6.x). This flaw allows authenticated administrators to read arbitrary files, write malicious content, and enumerate the server filesystem. The company has released security updates and urges customers to install them immediately to bring their Storage Zone Controllers back online, stating there is no current indication of customer data breaches.

Full text

Progress confirms ShareFile zero-day flaw behind Storage Zone shutdown By Lawrence Abrams July 14, 2026 12:08 PM 0 Progress Software has confirmed that a high-severity zero-day vulnerability is behind the emergency shutdown of ShareFile Storage Zone Controllers last week and has released security updates to patch the flaw. Last week, Progress urged customers using ShareFile Storage Zone Controllers to immediately shut down their Windows servers after receiving a warning of a "credible external security threat." At the time, the company temporarily disabled access to all ShareFile accounts using Storage Zone Controllers while it investigated the incident with cybersecurity experts. In an update sent to customers today, Progress says its investigation identified a high-severity path traversal vulnerability affecting all 5.x and 6.x versions of ShareFile Storage Zone Controller. "An authenticated administrative user can read arbitrary files accessible to the application's service account, write threat actor-controlled content to arbitrary directories or enumerate the server filesystem layout," reads an email seen by BleepingComputer. Progress says a CVE identifier has been reserved for the vulnerability, and it will be published in two weeks. The company has released versions 5.12.5 and 6.0.2 of the ShareFile Storage Zone Controller and urges all customers to install the security updates as soon as possible. Once the updates are installed, Storage Zone Controllers can be brought back online. While Progress received "information from a credible source" regarding a potential threat targeting ShareFile customers, they now say that there is no indication that customers were breached. "Currently, we have no indication of unauthorized access to any ShareFile customer account or data, and we have not identified any active threat," Progress said. Storage Zone Controllers are customer-managed Windows servers that allow organizations to keep files on-premises while continuing to use ShareFile's cloud platform for authentication, permissions, auditing, and collaboration. As Storage Zone Controllers contain the files transferred using the system, they are a valuable target for extortion gangs in data theft attacks. BleepingComputer has asked Progress whether the vulnerability was discovered internally or by an external researcher, why the CVE publication is being delayed for two weeks, and whether additional technical details will be released. We will update this story if we receive a response. Test every layer before attackers do Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen.The Picus whitepaper shows how breach and attack simulation tests your SIEM and EDR rules so threats stop slipping by detection. Get the whitepaper Related Articles: Google: Hackers exploited Zimbra zero-day in attacks on govt orgsHidden backdoor in Tenda router firmware grants admin accessMicrosoft patches RoguePlanet Defender zero-day vulnerabilityMicrosoft Defender 'RoguePlanet' zero-day grants SYSTEM privilegesPath traversal flaw in AI dev platform Langflow exploited in attacks

Entities

ShareFile Storage Zone Controller (product)Progress Software (vendor)