A vulnerability was discovered in an Internet-facing asset (files.palantir.com). A proof of concept (POC) was developed and used to validate the finding. The vulnerability was patched and resolved.
Blog about this vulnerability published. You can read full detail here:
https://blog.viettelcybersecurity.com/moveit-transfer-cve/