Critical Fortra GoAnywhere Vulnerability Exposed: 513 Instances at Risk
A critical vulnerability in Fortra's GoAnywhere Managed File Transfer (MFT) tool is causing concern. With 513 exposed instances worldwide, including 363 in North America, threat actors are exploiting this flaw for ransomware attacks. Microsoft 365 has issued urgent guidance for users.
The vulnerability, CVE-2025-10035, scored a maximum of 10.0 on the CVSS scale. It allows command injection and potential remote code execution (RCE), enabling threat actors to perform system and user discovery, maintain long-term access, and deploy other tools for lateral movement and malware. No authentication is required if attackers can intercept valid license responses.
First exploited on September 11, 2021, the vulnerability was patched by Fortra a week later on September 18. However, threat group Storm-1175 exploited it as a zero day before the patch was released. Medusa ransomware, which has affected over 300 global victims in critical infrastructure sectors, was observed in one compromised environment.
Microsoft 365 advises GoAnywhere customers to upgrade to the latest version of the software, use enterprise attack surface management products, check perimeter firewalls, run EDR tools in block mode, and turn on block mode in corporate anti-virus products.
With over 500 exposed GoAnywhere instances and a highly exploitable vulnerability, swift action is needed. Organizations using GoAnywhere MFT should follow Microsoft 365's guidance to mitigate risks and protect against potential ransomware attacks.
Read also:
- HLC Approves ₹4,645.60 Crore for Flood Recovery and Wetland Rejuvenation in Nine States
- Crooked House Pub's Demolition: Council Orders Rebuild, Debate on Historic Building Protections
- Shaping India's Economic Progression: Readying the Financial System for Tomorrow
- Ethiopia's Grand Dam: 15,000 Lives Lost, Water Concerns Unresolved
