A critical security flaw has been reported in the GoAnywhere managed file transfer (MFT) solution. This tool is often used by companies to transfer encrypted files securely. The flaw allows a remote, unauthenticated attacker to take control of the system. Given a history of attackers quickly exploiting similar flaws in mass-exploitation campaigns, it is critical that impacted organizations patch immediately.
Attackers can exploit this vulnerability, bypass authentication, and create a new admin user. From there, it is easy for an attacker to use the newly created admin account to access and steal sensitive data or take other malicious actions. The flaw impacts Fortra GoAnywhere MFT 6.x from 6.0.1 and Fortra GoAnywhere MFT 7.4.0 and earlier.
While there are no reports of exploitation attempts yet, a similar vulnerability in GoAnywhere last year was exploited within a few days and led to a large number of data theft attacks. Immediately upgrading to a fixed version is crucial to avoid likely forthcoming attacks.
We encourage your organization to take the following steps to mitigate against potential attack: