Fortra has released an urgent patch for a maximum-severity vulnerability in its GoAnywhere Managed File Transfer (MFT) software. The critical flaw is a deserialization vulnerability that could allow attackers with a forged license signature to execute arbitrary commands and gain full control of affected systems. While exploitation depends on the admin console being exposed to the internet, the potential for command injection poses a severe risk. The company strongly urges customers to upgrade to the latest patched versions or immediately restrict public access to the admin console. Given that previous vulnerabilities in the software were actively exploited by ransomware gangs, administrators are advised to apply the fix without delay.
Latest mentioned: 09-19
Earliest mentioned: 09-19