DynaRisk is aware of hackers currently exploiting a remote code execution vulnerability in the GoAnywhere MFT tool. Our team has reported a surge in businesses being ransomed and there are strong indications that this vulnerability has been exploited in some attacks.
A patch for this vulnerability was published in February 2023, and the CVE-2023-0669 as been added as a known vulnerability. This patch should be applied immediately. The vulnerability has been marked as High. The CVSS score for this vulnerability is 7.2.
If a hacker manages to successfully exploit this vulnerability, this allows them to gain remote code execution on vulnerable GoAnywhere MFT.
Our risk-management solution for businesses, Breach Defence, alerts businesses of known vulnerabilities. You can also quickly identify if a business has any known vulnerabilities using Breach Check.
We make it simple for businesses to protect themselves online. Find out how we can help protect your business by getting in touch.