CyberSecurityBoard
Sponsor Register Login

Alert for GoAnywhere MFT Users Potential ZeroDay Vulnerability Detected

Users of the GoAnywhere secure managed file transfer software have been warned about a potential security risk. This software, created by Fortra (formerly known as HelpSystems), is designed to help organizations securely exchange data with their trading partners. Cybersecurity blogger Brian Krebs reported on the zero-day vulnerability on Thursday, and Fortra responded by temporarily disabling the service. The vulnerability is a zero-day remote code injection exploit, and requires access to the administrative console of the application. In most cases, this console should only be accessible from within a company's network, through a VPN, or from trusted IP addresses. However, some users may have exposed the console to the public internet. The web client interface, which is typically accessible from the internet, is not affected. It is not clear if the vulnerability has been exploited in the wild, but it is likely, as it is a zero-day. Fortra has provided instructions on how customers can check if their system has been compromised, and has recommended mitigations to prevent exploitation. Security researcher Kevin Beaumont has conducted a Shodan search and found roughly 1,000 internet-exposed systems, most of which are located in the United States. Users of the GoAnywhere secure managed file transfer software have been warned of a potential security risk. This software, created by Fortra, is designed to help organizations securely exchange data with their trading partners. Cybersecurity blogger Brian Krebs reported on the zero-day vulnerability on Thursday, and Fortra responded by temporarily disabling the service. The vulnerability is a zero-day remote code injection exploit, and requires access to the administrative console of the application. This console should usually only be accessible from within a company's network, through a VPN, or from trusted IP addresses. However, some users may have exposed the console to the public internet. The web client interface, which is typically accessible from the internet, is not affected. It is not clear if the vulnerability has been exploited in the wild, but it is likely, as it is a zero-day. Fortra has provided instructions on how customers can check if their system has been compromised, and has recommended mitigations to prevent exploitation. Security researcher Kevin Beaumont has conducted a Shodan search and found roughly 1,000 internet-exposed systems, most of which are located in the United States.

This Cyber News was published on www.securityweek.com. Publication date: Fri, 03 Feb 2023 12:18:02 +0000


Cyber News related to Alert for GoAnywhere MFT Users Potential ZeroDay Vulnerability Detected

Exploit released for Fortra GoAnywhere MFT auth bypass bug - Exploit code is now available for a critical authentication bypass vulnerability in Fortra's GoAnywhere MFT software that allows attackers to create new admin users on unpatched instances via the administration portal. GoAnywhere MFT is a web-based ...
1 year ago Bleepingcomputer.com CVE-2024-0204
Fortra's GoAnywhere MFT Software Faces Exploitation, No Evidence of Active Exploitation Detected - Reports on the exploitation of Fortra's GoAnywhere MFT file transfer software raised concerns due to the potential development of exploit code from a publicly released Proof of Concept. As of Thursday afternoon, there was no evidence of active ...
1 year ago Cysecurity.news CVE-2024-0204 LockBit
Revealing a Way to Take Advantage of a Newly Discovered Security Flaw in GoAnywhere MFT - A security researcher has released proof-of-concept exploit code that can be used to perform unauthenticated remote code execution on vulnerable GoAnywhere MFT servers. GoAnywhere MFT is a web-based and managed file transfer tool designed to help ...
2 years ago Bleepingcomputer.com
Emergency Fix Released for GoAnywhere MFT ZeroDay Vulnerability Being Exploited - Fortra has released an emergency patch to address a security flaw in its GoAnywhere MFT secure file transfer tool that is being actively exploited by attackers. The vulnerability allows them to gain remote code execution on vulnerable GoAnywhere MFT ...
2 years ago Bleepingcomputer.com
Revealing a Vulnerability in GoAnywhere MFT that is Currently Being Abused - A security vulnerability in GoAnywhere MFT, a web-based and managed file transfer tool, has been actively exploited. The exploit code was released by Florian Hauser of Code White, which allows for unauthenticated remote code execution on vulnerable ...
2 years ago Bleepingcomputer.com
Maximum severity GoAnywhere MFT flaw exploited as zero-day - A critical zero-day vulnerability in the GoAnywhere Managed File Transfer (MFT) software is currently being exploited in the wild, posing a significant security risk to organizations using this platform. The flaw, rated with maximum severity, allows ...
1 week ago Bleepingcomputer.com CVE-2023-34362
Fortra Releases Critical Patch for CVSS 10.0 Vulnerability in GoAnywhere MFT - Fortra has released a critical security patch addressing a CVSS 10.0 vulnerability in its GoAnywhere Managed File Transfer (MFT) software. This vulnerability poses a severe risk as it allows remote code execution, potentially enabling attackers to ...
2 weeks ago Thehackernews.com CVE-2025-12345
Alert for GoAnywhere MFT Users Potential ZeroDay Vulnerability Detected - Users of the GoAnywhere secure managed file transfer software have been warned about a potential security risk. This software, created by Fortra (formerly known as HelpSystems), is designed to help organizations securely exchange data with their ...
2 years ago Securityweek.com
Microsoft warns of critical GoAnywhere bug exploited in ransomware attacks - Microsoft has issued a critical security warning regarding a vulnerability in the GoAnywhere managed file transfer (MFT) software, which is actively being exploited by ransomware attackers. The flaw, identified as CVE-2023-0669, allows threat actors ...
2 days ago Bleepingcomputer.com CVE-2023-0669
A Fix Released to Stop the Unauthorized Use of GoAnywhere MFT Software - Recently, a zero-day vulnerability was discovered in the GoAnywhere managed file transfer software, and news of active exploitation has been reported. Fortra, formerly known as HelpSystems, released two security notifications with mitigations and ...
2 years ago Securityweek.com
GoAnywhere 0-day RCE exploited by MedusaLocker ransomware gang - A critical zero-day remote code execution (RCE) vulnerability in the GoAnywhere Managed File Transfer (MFT) software has been actively exploited by the MedusaLocker ransomware group. This vulnerability allows attackers to execute arbitrary code on ...
1 day ago Cybersecuritynews.com CVE-2023-0669 MedusaLocker
GoAnywhere MFT Platform Vulnerability: Critical Flaw Exposes Data to Attackers - A critical vulnerability has been discovered in the GoAnywhere Managed File Transfer (MFT) platform, widely used by enterprises for secure file transfers. This flaw allows attackers to potentially execute unauthorized commands and access sensitive ...
2 weeks ago Cybersecuritynews.com CVE-2023-3519
Fortra warns of max-severity flaw in GoAnywhere MFT's License Servlet - Fortra has issued a critical security warning regarding a maximum severity vulnerability found in the License Servlet component of its GoAnywhere Managed File Transfer (MFT) software. This flaw poses a significant risk as it could allow unauthorized ...
2 weeks ago Bleepingcomputer.com CVE-2024-28199
10 of the biggest zero-day attacks of 2023 - Here are 10 of the biggest zero-day attacks of 2023 in chronological order. Zero-day attacks started strong in 2023 with CVE-2023-0669, a pre-authentication command injection vulnerability in Fortra's GoAnywhere managed file transfer product. ...
1 year ago Techtarget.com CVE-2023-0669 CVE-2023-34362 CVE-2023-36884 CVE-2023-4863 CVE-2023-41992 CVE-2023-41991 CVE-2023-41993 CVE-2023-22515
Hackers Can Gain Access to Servers Through a GoAnywhere MFT Security Flaw - GoAnywhere MFT, a secure web file transfer solution, has warned customers of a zero-day remote code execution vulnerability on exposed administrator consoles. This exploit requires access to the administrative console, which should not normally be ...
2 years ago Bleepingcomputer.com
CVE-2022-49763 - In the Linux kernel, the following vulnerability has been resolved: ...
5 months ago
Microsoft issues critical patch for GoAnywhere zero-day exploited in attacks - Microsoft has released a critical security update addressing a zero-day vulnerability in the GoAnywhere MFT (Managed File Transfer) software, which has been actively exploited by threat actors. The vulnerability allows attackers to execute arbitrary ...
1 day ago Infosecurity-magazine.com CVE-2023-34362
Fortra GoAnywhere 0-Day Vulnerability Exploited in the Wild - A critical zero-day vulnerability has been discovered in Fortra's GoAnywhere MFT (Managed File Transfer) software, actively exploited by threat actors. This flaw allows unauthenticated attackers to execute arbitrary code remotely, posing significant ...
1 week ago Cybersecuritynews.com CVE-2023-34362
Medusa ransomware exploit targets Fortra GoAnywhere flaw - A new ransomware strain named Medusa is actively exploiting a critical vulnerability in Fortra's GoAnywhere managed file transfer software. This flaw allows attackers to execute arbitrary code remotely, leading to potential ransomware deployment and ...
1 day ago Darkreading.com CVE-2023-0669
Week in review: 15 million Trello users' scraped data on sale, attackers can steal NTLM hashes - The reality of hacking threats in connected car systemsIn this Help Net Security interview, Ivan Reedman, Director of Secure Engineering at IOActive, discusses how manufacturers, government regulations, and consumers are adapting to these new ...
1 year ago Helpnetsecurity.com Cozy Bear
Beware Cybercriminals Taking Advantage of Unpatched Vulnerability in Fortras GoAnywhere MFT - A recently discovered security flaw in Fortras GoAnywhere MFT managed file transfer application is being actively exploited in the wild. The vulnerability was first reported by security reporter Brian Krebs on Mastodon. It is a type of remote code ...
2 years ago Thehackernews.com
PoC exploit for critical Fortra FileCatalyst MFT vulnerability released - Proof-of-concept exploit code for a critical RCE vulnerability in Fortra FileCatalyst MFT solution has been published. Fortra FileCatalyst is an enterprise managed file transfer software solution that includes several components: FileCatalyst Direct, ...
1 year ago Helpnetsecurity.com CVE-2024-25153
Huawei, Vivo phones tag Google app as TrojanSMS-PA malware - Huawei, Honor, and Vivo smartphones and tablets are displaying strange 'Security threat' alerts urging the deletion of the Google app, warning that it is detected as the 'TrojanSMS-PA' malware. In what appears to be a false positive, these security ...
1 year ago Bleepingcomputer.com Rocke
How Cyber Threat Intelligence Helps with Alert Triage - Proactive Defense: Threat intelligence fuels a proactive approach where SOC teams can anticipate incidents, preemptively block malicious infrastructures, adjust their triage processes and response plans accordingly, even before an alert is generated. ...
7 months ago Cybersecuritynews.com
SpyNote Android malware spreads via fake volcano eruption alerts - The Android 'SpyNote' malware was observed in attacks targeting Italy using a fake 'IT-alert' public alert service that infected visitors with the information-stealing malware. IT-alert is a legitimate public service operated by the Italian ...
1 year ago Bleepingcomputer.com Rocke

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)