Zero-Day Vulnerability in Fortra’s GoAnywhere MFT Being Actively Exploited
February 15, 2023 Alex Woodie
A critical security vulnerability in Fortra’s (formerly HelpSystems) managed file transfer (MFT) solution, GoAnywhere MFT, is being actively exploited to steal data from companies and possibly even to spread ransomware according to published reports. Fortra told customers to consider every managed credential in their GoAnywhere environment to be compromised, shut down cloud instances of the service, and issued an emergency patch for the zero-day security vulnerability.
Security reporter Brian Krebs was the first to share news of the vulnerability, which is described as remote code injection flaw that requires administrative console access for successful exploitation. In a February 2 post …Read more