Fortra has issued a critical security warning regarding a maximum severity vulnerability found in the License Servlet component of its GoAnywhere Managed File Transfer (MFT) software. This flaw poses a significant risk as it could allow unauthorized attackers to execute arbitrary code remotely, potentially leading to full system compromise. The vulnerability, identified as CVE-2024-28199, affects multiple versions of GoAnywhere MFT, a widely used enterprise file transfer solution. Fortra has released patches and urges all users to apply updates immediately to mitigate the risk. The flaw's exploitation could enable attackers to bypass authentication and gain elevated privileges, making it a high-priority issue for organizations relying on this software for secure file transfers. Cybersecurity teams are advised to review their systems for signs of compromise and implement recommended security measures promptly. This incident underscores the importance of timely patch management and vigilance against emerging threats in enterprise software environments.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Fri, 19 Sep 2025 14:25:14 +0000