GoAnywhere MFT Zero‑Day Bypasses Perimeter Defenses, Exposes File Transfer Core

VMware’s investigation uncovered a high‑severity deserialization flaw in the GoAnywhere Managed File Transfer (MFT) platform. The zero‑day allowed an attacker to achieve remote code execution without authentication, effectively taking control of the file‑transfer service. Because GoAnywhere often sits behind the corporate firewall and is trusted for internal data movement, the exploit let the adversary slip past network‑level controls and operate with unrestricted privileges inside the environment.

The breach gave the threat actors full read/write access to all configured transfer endpoints, enabling massive data exfiltration, ransomware staging, or lateral movement to other critical systems. Defenders must treat privileged internal services as potential attack vectors, prioritize rapid patching of MFT appliances, enforce strict least‑privilege access, and implement deep‑packet inspection and anomaly detection on file‑transfer traffic—perimeter security alone is no longer sufficient.

Categories: Vulnerabilities & Exploits, Threat Intelligence

Source: Read original article