GoAnywhere MFT Zero‑Day Bypasses Firewalls, Triggers Massive Data Breach

VMware researchers uncovered a critical zero‑day in the GoAnywhere Managed File Transfer (MFT) platform that was actively weaponized by the Storm‑1175 threat group. The flaw, assigned a CVE with a 10.0 CVSS rating, allowed remote code execution without authentication and evaded detection by traditional perimeter firewalls. Because the vulnerability was undisclosed until exploitation was observed in the wild, organizations using the unpatched product were exposed to silent compromise.

The attack resulted in the exfiltration of sensitive corporate files and the manipulation of transfer jobs, demonstrating that relying solely on network borders is insufficient. Defenders must adopt a defense‑in‑depth strategy: apply vendor patches immediately, enforce strict application‑level controls, monitor for anomalous MFT activity, and employ zero‑trust segmentation to limit lateral movement. Early detection and rapid response are essential to contain similar supply‑chain attacks in the future.

Categories: Vulnerabilities & Exploits, Threat Intelligence

Source: Read original article