Federal agencies are urgently required to patch CVE-2025-10035, a critical vulnerability in Fortraβs GoAnywhere MFT that is believed to be exploited by hackers. Experts warn that the exploit has been active in the wild since September 10, raising concerns over widespread attacks and highlighting the need for immediate action. #CVE-2025-10035 #GoAnywhereMFT
Keypoints
- All federal civilian agencies must patch the CVE-2025-10035 vulnerability by October 20.
- The vulnerability affects Fortraβs GoAnywhere MFT and is rated 10 out of 10 in severity.
- There are credible reports of active exploitation of this vulnerability since September 10.
- Fortra identified the issue on September 11 and released a patch along with mitigation guidance.
- Experts compare this vulnerability to past exploits involving ransomware gangs and large corporations.
Read More: https://therecord.media/cisa-orders-federal-gov-patch-fortra-bug