Fortra has released a security fix for a critical vulnerability in its GoAnywhere MFT software, which has been actively exploited by threat actors in the past. Organizations are urged to update to the latest version and restrict internet access to prevent potential attacks. #CVE-2025-10035 #CL0P #LockBit #GoAnywhereMFT
Keypoints
- Fortraβs GoAnywhere MFT patch addresses a maximum-severity deserialization vulnerability.
- The CVE-2025-10035 flaw could enable command injection if exploited successfully.
- User organizations must update to version 7.8.4 or 7.6.3 and restrict external access promptly.
- Past vulnerabilities have been exploited by ransomware groups like CL0P and LockBit.
- Threat actors are likely to exploit this recent vulnerability given historical trends.
Read More: https://thecyberexpress.com/fortra-goanywhere-mft-vulnerability/