- CVE-2025-10035 is a critical deserialization flaw in GoAnywhere MFT
- Fortra urges users to patch immediately; there is no confirmed in-the-wild exploitation yet
- The vulnerability can allow command injection if systems are exposed to the Internet
A critical-severity vulnerability was recently discovered in Fortra's GoAnywhere MFT, and users are urged to apply the fix as soon as possible.
GoAnywhere MFT is a managed file transfer tool that helps companies send and receive files securely; it is designed to protect data during transfers, automate file exchange tasks and work with systems both in the cloud and on-premises.
In early 2023, the Cl0P ransomware group found a zero-day in the tool and used it to attack more than 130 companies, including big names such as Procter & Gamble and Hitachi Energy. Although Fortra quickly released a patch, many companies did not update in time, which allowed Cl0P to steal confidential data such as personal and business information and then use it to extort the victims for money.
Software update
This time there is no word of abuse in the wild, but Fortra said it discovered the bug “during a security check.”
The flaw is described as a deserialization vulnerability in the License Servlet of Fortra's GoAnywhere MFT, which allows threat actors with a valid license response signature to deserialize an arbitrary actor-controlled object, “possibly leading to command injection.”
The bug is now tracked as CVE-2025-10035 and has a 10/10 severity score (critical). It was fixed in GoAnywhere MFT 7.8.4 and the supported 7.6.3 release, and users are advised to update their software to the newest versions as soon as possible.
“Exploitation of this vulnerability depends heavily on systems being exposed externally to the Internet,” Fortra emphasized.
In addition to patching the flaw, MFT users are also advised to monitor their admin audit logs for suspicious activity and to check their log files for errors containing “signed.”
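The log check above can be scripted so it runs over exported log files on a schedule. The following is an added example, not code from Fortra or from the article: it assumes a simple "timestamp level message" line layout (the real GoAnywhere MFT log format may differ, so the regex is a placeholder to adapt), runs over a constructed sample excerpt, and returns the error-level entries whose message mentions "signed".

```python
import re
from dataclasses import dataclass
from typing import List

# Assumed log line layout: "<date> <time> <LEVEL> <message>". This is a
# placeholder for the example; adjust the pattern to the real log format.
LOG_LINE = re.compile(r"^(?P<ts>\S+ \S+)\s+(?P<level>[A-Z]+)\s+(?P<msg>.*)$")

# Levels treated as "errors" for the purpose of the check
ERROR_LEVELS = {"ERROR", "SEVERE", "FATAL"}


@dataclass
class Finding:
    timestamp: str
    level: str
    message: str


def find_signed_errors(log_text: str) -> List[Finding]:
    """Return error-level entries whose message contains 'signed' (case-insensitive)."""
    findings: List[Finding] = []
    for line in log_text.splitlines():
        m = LOG_LINE.match(line.strip())
        if not m:
            continue  # skip lines that do not fit the assumed layout
        if m.group("level") not in ERROR_LEVELS:
            continue  # only error-level entries are of interest here
        if "signed" in m.group("msg").lower():
            findings.append(Finding(m.group("ts"), m.group("level"), m.group("msg")))
    return findings


# Constructed sample log excerpt (not real GoAnywhere MFT output)
SAMPLE_LOG = """\
2025-09-18 10:01:02 INFO  Scheduled transfer job 1182 completed
2025-09-18 10:02:15 ERROR License check failed: invalid signed license response
2025-09-18 10:02:16 WARN  Retrying license validation
2025-09-18 10:05:40 ERROR Unexpected object type while reading signed payload
2025-09-18 10:06:00 INFO  User admin logged in from 10.0.0.5
"""

if __name__ == "__main__":
    for f in find_signed_errors(SAMPLE_LOG):
        print(f"{f.timestamp} {f.level}: {f.message}")
```

Any hit is a reason to look at the surrounding admin audit log entries and the host's exposure to the Internet, not proof of compromise on its own; the substring match is deliberately broad so that it errs on the side of surfacing entries for a human to review.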
You can find more details, as well as the indicators of compromise (IoCs), at this link.
Via BleepingComputer