Fortra GoAnywhere MFT RCE Vulnerability
Zero-day exploited in the wild
Fortra (formerly, knowns as HelpSystems) GoAnywhere MFT contains a pre-authentication remote code execution vulnerability in the License Response Servlet. Learn More »
Common Vulnerabilities and Exposures
Background
GoAnywhere MFT is a secure managed file transfer solution that streamlines the exchange of data between systems, employees, customers, and trading partners. The security flaw CVE-2023-0669, enables attackers to gain remote code execution on unpatched GoAnywhere MFT. According to the Fortra advisory, the exploit requires public internet access to the administrative console of the application.
Threat Radar Overall Score: 3.4
CVSS Rating | 7.0 | |
FortiRecon Score | 92/100 | |
Known Exploited | Yes | |
Exploit Prediction Score | 96.97% | |
FortiGuard Telemetry | 45 |
Latest Development
Recent news and incidents related to cybersecurity threats encompassing various events such as data breaches, cyber-attacks, security incidents, and vulnerabilities discovered.
February 1, 2023: Fortra posted a security advisory: https://my.goanywhere.com/webclient/ViewSecurityAdvisories.xhtml#zerodayfeb1
February 7, 2023: Fortra released a patch (7.1.2) to address this actively exploited vulnerability.
February 10, 2023: Clop ransomware was linked to breaching about 130 organisations using GoAnywhere zero-day and has claimed responsibility to bleeping computer. https://www.bleepingcomputer.com/news/security/clop-ransomware-claims-it-breached-130-orgs-using-goanywhere-zero-day/
February 10, 2023: CISA added the CVE-2023-0669 GoAnywhere MFT vulnerability to its Known Exploited Vulnerabilities Catalog.
FortiGuard Labs recommends updating the vulnerable versions of GoAnywhere MFT and patch to version 7.12 as mentioned in the advisory as soon as possible and has released an IPS signature to detect and block any attack relating to the flaw CVE-2023-0669.
FortiGuard Cybersecurity Framework
Mitigate security threats and vulnerabilities by leveraging the range of FortiGuard Services.
-
Vulnerability
-
IPS
-
Automated Response
-
Assisted Response Services
-
InfoSec Services
-
Attack Surface Monitoring (Inside & Outside)
Vulnerability Detects vulnerable GoAnywhere MFT (CVE-2023-0669)
IPS Detects and blocks attack attempts related to GoAnywhere MFT RCE (CVE-2023-0669)
Automated Response Services that can automaticlly respond to this outbreak.
FortiClient Forensics
FortiXDR
Assisted Response Services Experts to assist you with analysis, containment and response activities.
Incident Response
FortiRecon: ACI
InfoSec Services Security readiness and awareness training for SOC teams, InfoSec and general employees.
Response Readiness
Security Awareness
FortiPhish
Attack Surface Monitoring (Inside & Outside) Security reconnaissance and penetration testing services, covering both internal & external attack vectors, including those introduced internally via software supply chain.
Security Rating
FortiRecon: EASM
FortiRecon: BP
FortiDevSec
FortiDAST
Threat Intelligence
Information gathered from analyzing ongoing cybersecurity events including threat actors, their tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), malware and related vulnerabilities.
Loading ...
Indicators of compromise
IOC Indicator List
Indicators of compromise
IOC Threat Activity
Last 30 days
Chg
Avg 0
Mitre Matrix
Click here for the ATT&CK Matrix
References
Sources of information in support and relation to this Outbreak and vendor.