<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=1354242&amp;fmt=gif">

GoAnywhere Vulnerability Alert | January 2024

GoAnywhere Vulnerability Overview


Background Information

A critical security flaw has been reported in the GoAnywhere managed file transfer (MFT) solution. This tool is often used by companies to transfer encrypted files securely. The flaw allows a remote, unauthenticated attacker to take control of the system. Given a history of attackers quickly exploiting similar flaws in mass-exploitation campaigns, it is critical that impacted organizations patch immediately.

Impact of the Vulnerability

Attackers can exploit this vulnerability, bypass authentication, and create a new admin user. From there, it is easy for an attacker to use the newly created admin account to access and steal sensitive data or take other malicious actions. The flaw impacts Fortra GoAnywhere MFT 6.x from 6.0.1 and Fortra GoAnywhere MFT 7.4.0 and earlier.

While there are no reports of exploitation attempts yet, a similar vulnerability in GoAnywhere last year was exploited within a few days and led to a large number of data theft attacks. Immediately upgrading to a fixed version is crucial to avoid likely forthcoming attacks.

Next Steps for GoAnywhere Customers:

We encourage your organization to take the following steps to mitigate against potential attack:

  1. Upgrade your GoAnywhere instance to at least version 7.4.1
  2. If you aren’t able to patch, Fortra has provided two alternate mitigation options:
    1. In non-container deployments: delete the InitialAccountSetup.xhtml file in the install directory and restart the services.
    2. In container-deployed instances: replace InitialAccountSetup.xhtml with an empty file and restart the services.

Recent Articles

Handling Cyber Objections: 'Cyber Insurance Is Too Expensive'

Clients may be quick to object to the cost of cyber insurance, but we'll unpack the real 'bang for your buck' argument to cyber coverage.

CDK Global Incident | June 2024

A popular auto dealer software is experiencing a cyber incident. Here's what you need to know.

Cyber and Construction: Laying Groundwork to Combat Digital Threats

The construction sector is facing urgent cybersecurity challenges. Learn more about unique risks and how creative underwriting solutions can help.