From Detection to Patch: Fortra Reveals Full Timeline of CVE-2025-10035 Exploitation
11.10.2025
3156
Fortra confirms GoAnywhere MFT flaw CVE-2025-10035 exploited since September 11 to deploy ransomware.
π¨ Fortra Drops the Timeline: CVE-2025-10035 Got Pwned Since Sept 11
Fortra just exposed the full play-by-play of how their GoAnywhere MFT got owned through CVE-2025-10035 β and spoiler: threat actors have been exploiting this since September 11 to drop ransomware payloads.
The vulnerability, tracked as CVE-2025-10035, is a critical flaw in Fortra's GoAnywhere Managed File Transfer (MFT) solution that allows unauthenticated remote code execution. Translation: attackers can run whatever code they want on vulnerable systems without needing login credentials.
Fortra's investigation revealed the exploitation timeline started on September 11, 2025, with threat actors actively weaponizing the vulnerability to deploy ransomware across affected organizations. This isn't just theoretical β real organizations got hit.
The company has since released patches and security updates to address the vulnerability. If you're running GoAnywhere MFT, you need to patch immediately β this isn't a 'maybe later' situation.
- β’ CVE-2025-10035: Critical RCE vulnerability in Fortra GoAnywhere MFT
- β’ Exploitation active since September 11, 2025
- β’ Used to deploy ransomware payloads
- β’ Unauthenticated remote code execution
- β’ Patches and security updates available from Fortra
This incident follows a pattern of MFT solutions being targeted by threat actors due to their access to sensitive data and critical business functions. Fortra's transparency about the timeline provides valuable intelligence for other organizations facing similar threats.
The disclosure underscores the importance of rapid patch deployment and continuous monitoring for suspicious activity, especially in file transfer systems that handle sensitive organizational data.
#RCE vulnerabilities#ransomware#unauthenticated access#security patches#CVE vulnerabilities
Got a topic? Write to ATLA WIRE on Telegram:t.me/atla_community
