A new and critical vulnerability has been identified in Fortra's GoAnywhere Managed File Transfer (MFT) solution. This flaw, tracked as CVE 2025 10035, poses a significant threat to organisations using the software, with a maximum CVSS score of 10.0.
This blog post breaks down the vulnerability, explains its potential impact and provides the crucial steps you need to take to secure your systems immediately.
Understanding the GoAnywhere Managed File Transfer Vulnerability
At its core, CVE 2025 10035 is a deserialisation vulnerability located in the License Servlet of GoAnywhere MFT.
- What is it? This vulnerability allows an attacker to exploit the way the software processes data. By forging a valid license response signature, an attacker can trick the system into deserialising (reconstructing) an object they control.
- What’s the danger? This can lead to remote command injection, giving the attacker the ability to execute arbitrary code on the vulnerable system.
- The result? A successful exploit could lead to a full system compromise, allowing attackers to steal sensitive data, deploy ransomware or gain a foothold within a company’s network.
This vulnerability affects GoAnywhere MFT versions 0 through 7.8.3.
The Technical Details: A Deeper Look
The weakness is categorised under two key Common Weakness Enumerations (CWEs):
- CWE 502 - Deserialisation of Untrusted Data: This is the primary weakness. When software deserialises data, it reconstructs an object from a stream of bytes. If this data comes from an untrusted source, it can be manipulated to create a malicious object that runs harmful code.
- CWE 77 - Improper Neutralisation of Special Elements used in a Command (‘Command Injection’): The deserialisation flaw leads directly to command injection, where an attacker’s input is incorrectly handled, allowing them to execute commands on the underlying operating system.
While this vulnerability is not yet listed in the Known Exploited Vulnerability (KEV) catalog and has not been publicly linked to ransomware operators, its perfect CVSS score indicates the severity and ease of exploitation.
Immediate Action Required
The NCSC (National Cyber Security Centre) and Fortra strongly recommend that all affected organisations take immediate action to:
- Prioritise Updates: Treat this vulnerability with the highest priority. Install the latest updates provided by Fortra as soon as possible.
- Review and Test: Before deployment, always review the latest release notes from Fortra and perform thorough testing to ensure the patch does not disrupt your business operations.
- Stay Informed: Keep an eye on official advisories from Fortra and cybersecurity agencies like the NCSC.
For more information, please refer to the official advisories:
Secure Your Systems with a Trusted Partner
A vulnerability with a CVSS score of 10.0 is a wake up call for all organisations. Don’t leave your critical systems exposed.
At Secora Consulting, we specialise in helping businesses like yours identify, mitigate and manage cybersecurity risks. Our team of CREST accredited experts can perform a comprehensive Vulnerability Assessment or Penetration Test to ensure your entire infrastructure is secure against threats like CVE 2025 10035.
Don't wait for a breach. Proactively secure your defences today.Fill out the form below to get started, and let our experts help you enhance your cybersecurity posture. 👇