CVE-2023-0669 - Fortra GoAnywhere MFT Remote Code Execution Vulnerability

Vulnerability Name

Fortra GoAnywhere MFT Remote Code Execution Vulnerability

Description

Fortra (formerly, HelpSystems) GoAnywhere MFT contains a pre-authentication remote code execution vulnerability in the License Response Servlet due to deserializing an attacker-controlled object.

Known To Be Used in Ransomware Campaigns?

Known

Action

Apply updates per vendor instructions.

Additional Notes

This CVE has a CISA AA located here: https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-158a. Please see the AA for associated IOCs. Additional information is available at: https://my.goanywhere.com/webclient/DownloadProductFiles.xhtml. Fortra users must have an account in order to login and access the patch.

https://nvd.nist.gov/vuln/detail/CVE-2023-0669

Related News Articles

Unpatched Fortra GoAnywhere instances at risk of full takeover (CVE-2025-10035)September 22, 2025

Fortra Releases Critical Patch for CVSS 10.0 GoAnywhere MFT VulnerabilitySeptember 19, 2025

Fortra warns of max severity flaw in GoAnywhere MFT’s License ServletSeptember 19, 2025

PoC exploit for critical Fortra FileCatalyst flaw published (CVE-2024-5276)June 27, 2024

Exploit for critical Fortra FileCatalyst Workflow SQLi flaw releasedJune 27, 2024