Fortra has released an emergency patch to address an actively exploited zero-day vulnerability in the GoAnywhere MFT secure file transfer tool.
The vulnerability allows attackers to gain remote code execution on vulnerable GoAnywhere MFT instances whose administrative console is exposed online.
Over the weekend, the company disclosed (the advisory can only be accessed with a free account) that the flaw is being exploited in attacks, and it provided indicators of compromise for potentially affected customers, including a specific stack trace that would show up in the logs on compromised systems.
“If this stacktrace is in the logs, it is very likely this system has been the target of attack,” Fortra said.
Now, it has added an update to its customer dashboard, tagged as “time sensitive,” that urges customers to patch their instances “as soon as possible.”
“This patch (7.1.2) was created as a result of the issue we disclosed in the Security Advisories published last week related to GoAnywhere MFTaaS. We urgently advise all GoAnywhere MFT customers to apply this patch,” Fortra says.
“Once downloaded, we recommend working with your administrators to get the patch applied as soon as possible to ensure full remediation of the identified issue.
“Particularly for customers running an admin portal exposed to the Internet, we consider this an urgent matter.”