Accellion had said earlier this month all known vulnerabilities had been remediated, following "sophisticated cyberattacks" on its legacy file transfer appliance (FTA) software in December and January.
CGG said on Friday the vulnerability that exploited Accellion's secure FTA, before they could find a corrective patch, was originally discovered in another Accellion customer environment.
"At CGG, Accellion's FTA was used on a separate server, isolated from production IT infrastructure," the company said.
"This standalone server had limited use within CGG and was not used to transfer or store personal or commercial sensitive information.
"There has been no operational or financial impact."
It said it would thoroughly investigate the incident, in collaboration with Accellion and CGG's external security partners, to document full details and identify any potential areas to further reduce future risks and would notify relevant parties if any pertinent information became available.
Separately, the Australian government recently said its Cyber Security Centre was working with cybersecurity partners to assist organisations impacted by the Accellion FTA vulnerability.