Users of the GoAnywhere secure managed file transfer software have been warned about a potential security risk. This software, created by Fortra (formerly known as HelpSystems), is designed to help organizations securely exchange data with their trading partners. Cybersecurity blogger Brian Krebs reported on the zero-day vulnerability on Thursday, and Fortra responded by temporarily disabling the service. The vulnerability is a zero-day remote code injection exploit, and requires access to the administrative console of the application. In most cases, this console should only be accessible from within a company's network, through a VPN, or from trusted IP addresses. However, some users may have exposed the console to the public internet. The web client interface, which is typically accessible from the internet, is not affected. It is not clear if the vulnerability has been exploited in the wild, but it is likely, as it is a zero-day. Fortra has provided instructions on how customers can check if their system has been compromised, and has recommended mitigations to prevent exploitation. Security researcher Kevin Beaumont has conducted a Shodan search and found roughly 1,000 internet-exposed systems, most of which are located in the United States.
Users of the GoAnywhere secure managed file transfer software have been warned of a potential security risk. This software, created by Fortra, is designed to help organizations securely exchange data with their trading partners. Cybersecurity blogger Brian Krebs reported on the zero-day vulnerability on Thursday, and Fortra responded by temporarily disabling the service. The vulnerability is a zero-day remote code injection exploit, and requires access to the administrative console of the application. This console should usually only be accessible from within a company's network, through a VPN, or from trusted IP addresses. However, some users may have exposed the console to the public internet. The web client interface, which is typically accessible from the internet, is not affected. It is not clear if the vulnerability has been exploited in the wild, but it is likely, as it is a zero-day. Fortra has provided instructions on how customers can check if their system has been compromised, and has recommended mitigations to prevent exploitation. Security researcher Kevin Beaumont has conducted a Shodan search and found roughly 1,000 internet-exposed systems, most of which are located in the United States.
This Cyber News was published on www.securityweek.com. Publication date: Fri, 03 Feb 2023 12:18:02 +0000