Emergency Fix Released for GoAnywhere MFT ZeroDay Vulnerability Being Exploited

Fortra has released an emergency patch to address a security flaw in its GoAnywhere MFT secure file transfer tool that is being actively exploited by attackers. The vulnerability allows them to gain remote code execution on vulnerable GoAnywhere MFT instances whose administrative console is exposed online. The company has warned customers to patch their instances as soon as possible and has provided indicators of compromise to help them identify if their system has been targeted. On Monday, security researcher Florian Hauser of IT security consulting firm Code White also released a proof-of-concept exploit that could be used to achieve unauthenticated remote code execution on Internet-exposed and unpatched GoAnywhere MFT servers. To protect their systems, customers can either apply the security patch or follow Fortra's mitigation advice, which requires implementing access controls to allow access to the admin interface only from trusted sources or disabling the licensing service. If the system has been breached, customers should check if any credentials or keys used to access external systems have been stored and make sure they have been revoked. They should also review relevant access logs related to those systems and check if any passwords or keys used to encrypt files within the system have been compromised.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Tue, 07 Feb 2023 08:39:03 +0000


Cyber News related to Emergency Fix Released for GoAnywhere MFT ZeroDay Vulnerability Being Exploited

Exploit released for Fortra GoAnywhere MFT auth bypass bug - Exploit code is now available for a critical authentication bypass vulnerability in Fortra's GoAnywhere MFT software that allows attackers to create new admin users on unpatched instances via the administration portal. GoAnywhere MFT is a web-based ...
10 months ago Bleepingcomputer.com
CVE-2018-0688 - Open redirect vulnerability in SEIKO EPSON printers and scanners (DS-570W firmware versions released prior to 2018 March 13, DS-780N firmware versions released prior to 2018 March 13, EP-10VA firmware versions released prior to 2017 September 4, ...
5 years ago
CVE-2018-0689 - HTTP header injection vulnerability in SEIKO EPSON printers and scanners (DS-570W firmware versions released prior to 2018 March 13, DS-780N firmware versions released prior to 2018 March 13, EP-10VA firmware versions released prior to 2017 September ...
5 years ago
Fortra's GoAnywhere MFT Software Faces Exploitation, No Evidence of Active Exploitation Detected - Reports on the exploitation of Fortra's GoAnywhere MFT file transfer software raised concerns due to the potential development of exploit code from a publicly released Proof of Concept. As of Thursday afternoon, there was no evidence of active ...
10 months ago Cysecurity.news
Emergency Fix Released for GoAnywhere MFT ZeroDay Vulnerability Being Exploited - Fortra has released an emergency patch to address a security flaw in its GoAnywhere MFT secure file transfer tool that is being actively exploited by attackers. The vulnerability allows them to gain remote code execution on vulnerable GoAnywhere MFT ...
1 year ago Bleepingcomputer.com
Revealing a Way to Take Advantage of a Newly Discovered Security Flaw in GoAnywhere MFT - A security researcher has released proof-of-concept exploit code that can be used to perform unauthenticated remote code execution on vulnerable GoAnywhere MFT servers. GoAnywhere MFT is a web-based and managed file transfer tool designed to help ...
1 year ago Bleepingcomputer.com
Revealing a Vulnerability in GoAnywhere MFT that is Currently Being Abused - A security vulnerability in GoAnywhere MFT, a web-based and managed file transfer tool, has been actively exploited. The exploit code was released by Florian Hauser of Code White, which allows for unauthenticated remote code execution on vulnerable ...
1 year ago Bleepingcomputer.com
A Fix Released to Stop the Unauthorized Use of GoAnywhere MFT Software - Recently, a zero-day vulnerability was discovered in the GoAnywhere managed file transfer software, and news of active exploitation has been reported. Fortra, formerly known as HelpSystems, released two security notifications with mitigations and ...
1 year ago Securityweek.com
10 of the biggest zero-day attacks of 2023 - Here are 10 of the biggest zero-day attacks of 2023 in chronological order. Zero-day attacks started strong in 2023 with CVE-2023-0669, a pre-authentication command injection vulnerability in Fortra's GoAnywhere managed file transfer product. ...
11 months ago Techtarget.com
Alert for GoAnywhere MFT Users Potential ZeroDay Vulnerability Detected - Users of the GoAnywhere secure managed file transfer software have been warned about a potential security risk. This software, created by Fortra (formerly known as HelpSystems), is designed to help organizations securely exchange data with their ...
1 year ago Securityweek.com
Hackers Can Gain Access to Servers Through a GoAnywhere MFT Security Flaw - GoAnywhere MFT, a secure web file transfer solution, has warned customers of a zero-day remote code execution vulnerability on exposed administrator consoles. This exploit requires access to the administrative console, which should not normally be ...
1 year ago Bleepingcomputer.com
High-severity flaw affects Cisco Firepower Management Center - CISA adds GitLab flaw to its Known Exploited Vulnerabilities catalog. CISA adds Cisco ASA and FTD and CrushFTP VFS flaws to its Known Exploited Vulnerabilities catalog. Critical Fortinet's FortiClient EMS flaw actively exploited in the wild. Hackers ...
6 months ago Securityaffairs.com
High-severity flaw affects Cisco Firepower Management Center - CISA adds GitLab flaw to its Known Exploited Vulnerabilities catalog. CISA adds Cisco ASA and FTD and CrushFTP VFS flaws to its Known Exploited Vulnerabilities catalog. Critical Fortinet's FortiClient EMS flaw actively exploited in the wild. Hackers ...
6 months ago Securityaffairs.com
CVE-2021-47465 - In the Linux kernel, the following vulnerability has been resolved: KVM: PPC: Book3S HV: Fix stack handling in idle_kvm_start_guest() In commit 10d91611f426 ("powerpc/64s: Reimplement book3s idle code in C") kvm_start_guest() became ...
6 months ago Tenable.com
Experts found a macOS version of the sophisticated LightSpy spyware - Microsoft fixed two zero-day bugs exploited in malware attacks. HTTP/2 CONTINUATION Flood technique can be exploited in DoS attacks. BianLian group exploits JetBrains TeamCity bugs in ransomware attacks. Experts released PoC exploit for critical ...
6 months ago Securityaffairs.com
Check Point released hotfix for actively exploited VPN zero-day - MUST READ. Check Point released hotfix for actively exploited VPN zero-day. Microsoft Patch Tuesday security updates for May 2024 fixes 2 actively exploited zero-days. Critical Fortinet's FortiClient EMS flaw actively exploited in the wild. Apple ...
6 months ago Securityaffairs.com
newsletter Round 478 by Pierluigi Paganini - Microsoft Patch Tuesday security updates for May 2024 fixes 2 actively exploited zero-days. Microsoft fixed two zero-day bugs exploited in malware attacks. HTTP/2 CONTINUATION Flood technique can be exploited in DoS attacks. BianLian group exploits ...
5 months ago Securityaffairs.com
BreachForums resurrected after FBI seizure - Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw. Microsoft fixed two zero-day bugs exploited in malware attacks. HTTP/2 CONTINUATION Flood technique can be exploited in DoS attacks. BianLian group ...
6 months ago Securityaffairs.com
Experts released PoC exploit code for RCE in Fortinet SIEM - Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw. Crowdfense is offering a larger 30M USD exploit acquisition program. Threat actors actively exploit JetBrains TeamCity flaws to deliver malware. PoC ...
6 months ago Securityaffairs.com
Juniper Networks fixed a critical authentication bypass flaw in some of its routers - MUST READ. Threat actors actively exploit D-Link DIR-859 router flaw CVE-2024-0769. CISA adds Oracle WebLogic Server flaw to its Known Exploited Vulnerabilities catalog. Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 ...
5 months ago Securityaffairs.com
New MOVEit Transfer critical bug is actively exploited - MUST READ. New MOVEit Transfer critical bug is actively exploited. CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities catalog. Critical Fortinet's FortiClient EMS flaw actively exploited in the wild. PoC ...
5 months ago Securityaffairs.com
Beware Cybercriminals Taking Advantage of Unpatched Vulnerability in Fortras GoAnywhere MFT - A recently discovered security flaw in Fortras GoAnywhere MFT managed file transfer application is being actively exploited in the wild. The vulnerability was first reported by security reporter Brian Krebs on Mastodon. It is a type of remote code ...
1 year ago Thehackernews.com
Week in review: 15 million Trello users' scraped data on sale, attackers can steal NTLM hashes - The reality of hacking threats in connected car systemsIn this Help Net Security interview, Ivan Reedman, Director of Secure Engineering at IOActive, discusses how manufacturers, government regulations, and consumers are adapting to these new ...
10 months ago Helpnetsecurity.com
PoC exploit for critical Fortra FileCatalyst MFT vulnerability released - Proof-of-concept exploit code for a critical RCE vulnerability in Fortra FileCatalyst MFT solution has been published. Fortra FileCatalyst is an enterprise managed file transfer software solution that includes several components: FileCatalyst Direct, ...
9 months ago Helpnetsecurity.com
CISA adds Check Point Quantum Security Gateways and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog - CISA adds Apache Flink flaw to its Known Exploited Vulnerabilities catalog. CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog. CISA adds Google Chrome zero-days to its Known Exploited Vulnerabilities catalog. CISA adds ...
6 months ago Securityaffairs.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)