Ptechhub
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs
No Result
View All Result
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs
No Result
View All Result
PtechHub
No Result
View All Result

From Detection to Patch: Fortra Reveals Full Timeline of CVE-2025-10035 Exploitation

The Hacker News by The Hacker News
October 10, 2025
Home Cybersecurity
Share on FacebookShare on Twitter


Oct 10, 2025Ravie LakshmananVulnerability / Network Security

Fortra on Thursday revealed the results of its investigation into CVE-2025-10035, a critical security flaw in GoAnywhere Managed File Transfer (MFT) that’s assessed to have come under active exploitation since at least September 11, 2025.

The company said it began its investigation on September 11 following a “potential vulnerability” reported by a customer, uncovering “potentially suspicious activity” related to the flaw.

That same day, Fortra said it contacted on-premises customers who were identified as having their GoAnywhere admin console accessible to the public internet and that it notified law enforcement authorities about the incident.

DFIR Retainer Services

A hotfix for versions 7.6.x, 7.7.x, and 7.8.x of the software was made available the next day, with full releases incorporating the patch – versions 7.6.3 and 7.8.4 – made available on September 15. Three days later, a CVE for the vulnerability was formally published, it added.

“The scope of the risk of this vulnerability is limited to customers with an admin console exposed to the public internet,” Fortra said. “Other web-based components of the GoAnywhere architecture are not affected by this vulnerability.”

However, it conceded that there are a “limited number of reports” of unauthorized activity related to CVE-2025-10035. As additional mitigations, the company is recommending that users restrict admin console access over the internet, as well as enable monitoring and keep software up-to-date.

CVE-2025-10035 concerns a case of deserialization vulnerability in the License Servlet that could result in command injection without authentication. In a report earlier this week, Microsoft revealed that a threat it tracks as Storm-1175 has been exploiting the flaw since September 11 to deploy Medusa ransomware.

CIS Build Kits

That said, there is still no clarity on how the threat actors managed to obtain the private keys needed to exploit this vulnerability.

“The fact that Fortra has now opted to confirm (in their words) ‘unauthorized activity related to CVE-2025-10035’ demonstrates yet again that the vulnerability was not theoretical and that the attacker has somehow circumvented, or satisfied, the cryptographic requirements needed to exploit this vulnerability,” watchTowr CEO and founder Benjamin Harris said.



Source link

Tags: computer securitycyber attackscyber newscyber security newscyber security news todaycyber security updatescyber updatesdata breachhacker newshacking newshow to hackinformation securitynetwork securityransomware malwaresoftware vulnerabilitythe hacker news
The Hacker News

The Hacker News

Next Post
China retaliates against U.S. port fees with new charges on American ships

China retaliates against U.S. port fees with new charges on American ships

Recommended.

CrowdStrike-AWS Security Partnership: 5 Latest Moves

CrowdStrike-AWS Security Partnership: 5 Latest Moves

August 7, 2025
Ahold Delhaize USA debuts employee app

Ahold Delhaize USA debuts employee app

April 6, 2026

Trending.

AWS Vs. Google Cloud Vs. Microsoft Azure Q1 Earnings Face-Off

AWS Vs. Google Cloud Vs. Microsoft Azure Q1 Earnings Face-Off

May 1, 2026
Cloud Market Share Q1 2026: AWS, Microsoft, Google Battling In AI Era

Cloud Market Share Q1 2026: AWS, Microsoft, Google Battling In AI Era

May 4, 2026
Google’s 0 Million Partner Fund Targets AI Agent Era Channel Paradigm Shift

Google’s $750 Million Partner Fund Targets AI Agent Era Channel Paradigm Shift

April 24, 2026
AWS Solution Provider Caylent Unveils Dedicated Anthropic Claude Unit

AWS Solution Provider Caylent Unveils Dedicated Anthropic Claude Unit

April 30, 2026
Dell’s Infrastructure Blitz: Private Cloud, PowerStore Elite, PowerEdge In Spotlight At Dell Technologies World 2026

Dell’s Infrastructure Blitz: Private Cloud, PowerStore Elite, PowerEdge In Spotlight At Dell Technologies World 2026

May 19, 2026

PTechHub

A tech news platform delivering fresh perspectives, critical insights, and in-depth reporting — beyond the buzz. We cover innovation, policy, and digital culture with clarity, independence, and a sharp editorial edge.

Follow Us

Industries

  • AI & ML
  • Cybersecurity
  • Enterprise IT
  • Finance
  • Telco

Navigation

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Subscribe to Our Newsletter

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Copyright © 2025 | Powered By Porpholio

No Result
View All Result
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs

Copyright © 2025 | Powered By Porpholio