Critical GoAnywhere MFT Vulnerability (CVE‑2025‑10035): Stopping Command Injection Attacks

File transfer dashboard with code and injection icon illustrating vulnerability

Critical GoAnywhere MFT Vulnerability (CVE‑2025‑10035): Stopping Command Injection Attacks

11 Oct, 2025 06:59 PM

Fortra’s GoAnywhere Managed File Transfer (MFT) platform recently received a critical security alert for CVE-2025-10035. The vulnerability resides in the product’s License Servlet, where unsafe deserialization of a forged license response signature lets an attacker deserialize an arbitrary object and trigger command injection. With a CVSS score of 10.0, this bug allows remote unauthenticated attackers to execute arbitrary commands on the MFT server, potentially leading to full system compromise and theft of data in transit.

Threat actors, including the Storm-1175 group, have already weaponized this exploit to deploy ransomware and create backdoor admin accounts. Because GoAnywhere MFT is commonly used to transfer sensitive files such as medical records and financial statements, its compromise could expose regulated data and disrupt business operations. This vulnerability highlights how attackers are chaining zero-day exploits with social engineering; the global average cost of a breach climbed to $4.88 million in 2025, and ransomware crews aren’t slowing down.

To defend against CVE-2025-10035, organizations should:

- Apply the vendor’s hotfix and upgrade to the latest version; Fortra has released patches to address the issue. Delay in patching leaves your environment at risk, and attackers may exploit out-of-date components.
- Restrict access to the license administration console; place it behind VPNs or jump hosts and enforce strong authentication.
- Disable the License Servlet if not needed and review custom license code for misconfiguration or unauthorized modifications.
- Monitor logs and intrusion detection systems for signs of exploitation, such as unusual user creation or suspicious commands.
- Rotate credentials and review access controls on the MFT server regularly.

Terra System Labs can help you assess exposure and implement mitigations. Our experts provide penetration testing, secure configuration reviews, and incident response planning for managed file transfer systems. We also deliver security awareness training so employees can recognize phishing attempts that often precede zero‑day exploitation. Don’t wait for attackers to exploit this vulnerability – secure your file transfer infrastructure today.

GoAnywhere MFT CVE-2025-10035 deserialization vulnerability command injection file transfer security Terra System Labs

Team receiving cybersecurity awareness training about deepfake scams and AI-powered phishing, with shield icon on screen

Security Awareness Training in 2025: Deepfakes, AI Scams & Impersonation Attacks 11 Oct, 2025 11:54 PM Security Awareness

Digital network micro-perimeters with glowing shield representing zero trust architecture

Zero Trust Architecture in 2025: Why "Never Trust, Always Verify" Is Essential 11 Oct, 2025 11:48 PM Security Awareness

Recruiter watching a deepfake candidate glitching on a video interview with shield icon

AI Impersonation & Deepfake Hiring Scams: Protect Your Recruitment in 2025 11 Oct, 2025 11:40 PM Security Awareness

Developers examining code repository with malware icons and warnings representing supply chain attacks on GitHub and npm

Supply‑Chain Attacks on GitHub & npm: Protecting Developers in 2025 11 Oct, 2025 11:26 PM Cyber Security News

Employees using various unapproved apps with a shadow figure representing shadow IT risks

Shadow IT: The Hidden Threat Lurking Inside Modern Organizations 11 Oct, 2025 11:22 PM Security Awareness

Futuristic digital lock showing encrypted data streams and exfiltration, representing double extortion ransomware

Ransomware Evolution in 2025: Double Extortion and the New Data Heist Era 11 Oct, 2025 11:19 PM Cyber Security News

Bar chart showing increasing data breach costs with shield and dollar sign

The Rising Cost of Data Breaches in 2025: Why Prevention Is Critical 11 Oct, 2025 11:07 PM Security Awareness

Insider Threats & Permission Creep: Mitigating the Human Factor in 2025 11 Oct, 2025 09:26 PM Security Awareness

Illustration of multi-cloud environment with tangled connections, warning sign, and security shield

Cloud Misconfiguration & Multi‑Cloud Complexity: Securing Your Multi‑Cloud Environment in 2025 11 Oct, 2025 09:22 PM Security Awareness

Businessperson receiving a deepfake phishing call with distorted face and AI-generated voice overlay, digital shield glows to symbolise protection

Deepfake & AI‑Powered Phishing in 2025: Recognizing and Stopping Synthetic Scams 11 Oct, 2025 08:17 PM Security Awareness

WinRAR archive icon with warning sign and cybersecurity shield illustrating path traversal vulnerability

WinRAR Path Traversal Zero-Day (CVE-2025-8088) Under Active Exploitation: How to Protect Yourself 11 Oct, 2025 08:13 PM Security Awareness

Illustration of a system admin console with red exclamation shield representing Trend Micro Apex One vulnerabilities

Critical Trend Micro Apex One Vulnerabilities (CVE-2025-54948 & 54987): Securing Your Endpoint Management 11 Oct, 2025 08:08 PM Security Awareness

Supply chain network with hacker silhouette and digital shield

September 2025 Supply Chain Attacks: Lessons from Jaguar Land Rover, Bridgestone and Software Repositories 11 Oct, 2025 07:20 PM Security Awareness

Zip archive extraction with warning icon and digital shield

WinRAR Path Traversal Flaw (CVE-2025-8088): Preventing Archive Exploits 11 Oct, 2025 07:15 PM Security Awareness

System administrator console with Trend Micro Apex One vulnerability patching alert

Trend Micro Apex One Critical Vulnerabilities (CVE-2025-54987 & 54948) 11 Oct, 2025 07:09 PM Security Awareness

Critical GoAnywhere MFT Vulnerability (CVE‑2025‑10035): Stopping Command Injection Attacks 11 Oct, 2025 06:59 PM Security Awareness

ERP suite dashboard with warning triangle and lock shield representing vulnerability in enterprise software

Oracle E‑Business Suite Vulnerability (CVE‑2025‑61882): Protecting Your Enterprise from Pre‑Auth RCE 11 Oct, 2025 06:52 PM Security Awareness

Network firewall with warning exclamation mark and security shield

Critical Cisco ASA Vulnerabilities (CVE-2025-20333 & 20362): Defending Your Network Perimeter 11 Oct, 2025 06:44 PM Security Awareness

RediShell (CVE-2025-49844): Securing Your Redis Environments from Critical RCE 11 Oct, 2025 06:32 PM Security Awareness

Business team reviewing security patch document with digital shield overlay

Protecting Your Business Against CVE-2025-22944: Microsoft Office Document Exploits 11 Oct, 2025 06:28 PM Security Awareness

Abstract digital shield representing cybersecurity protection

Stay Ahead of Cyber Threats in 2025: How Terra System Labs Protects Your Business 11 Oct, 2025 05:29 PM Security Awareness

Top 5 Security Mistakes That Lead to Data Breaches 11 Oct, 2025 05:00 PM Security Awareness

Understanding Network Perimeter Security in Modern Enterprises 11 Oct, 2025 02:00 AM Security Awareness

Why Cybersecurity Awareness Training Is the First Line of Defense 09 Oct, 2025 08:20 PM Security Awareness

Zimbra Zero-Day Exploit: Hackers Target Users via Malicious Calendar Files 07 Oct, 2025 12:28 AM Cyber Security News

Difference Between Vulnerability Assessment and Penetration Testing Explained 06 Oct, 2025 11:46 PM Security Awareness

What Is Vulnerability Assessment & Penetration Testing (VAPT) and Why It Matters 06 Oct, 2025 11:30 PM Security Awareness

Top 10 Cybersecurity Threats Businesses Must Watch in 2025 06 Oct, 2025 11:20 PM Security Awareness

VMware Workstation Guest-to-Host Escape Exploit: What You Need to Know 03 Oct, 2025 01:13 AM Cyber Security News

Critical GoAnywhere MFT Vulnerability (CVE‑2025‑10035): Stopping Command Injection Attacks