CISA Known Exploited Vulnerability

CVE-2023-0669 Ransomware

Fortra · GoAnywhere MFT

Fortra GoAnywhere MFT Remote Code Execution Vulnerability

Date added 2023-02-10

BOD 22-01 due date 2023-03-03

CWE CWE-502

Ransomware Known

CISA description

Fortra (formerly, HelpSystems) GoAnywhere MFT contains a pre-authentication remote code execution vulnerability in the License Response Servlet due to deserializing an attacker-controlled object.

Required action

Apply updates per vendor instructions.

Notes & references

This CVE has a CISA AA located here: https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-158a. Please see the AA for associated IOCs. Additional information is available at: https://my.goanywhere.com/webclient/DownloadProductFiles.xhtml. Fortra users must have an account in order to login and access the patch.
https://nvd.nist.gov/vuln/detail/CVE-2023-0669

Where this lands in 800-53

Vulnerability data triggers these controls during assessment and continuous monitoring.

RA-5 · Vulnerability Monitoring and Scanning
SI-2 · Flaw Remediation
CM-6 · Configuration Settings
SI-7 · Software, Firmware, and Information Integrity
CM-8 · System Component Inventory

External lookups

NVD · CVE-2023-0669
CVE.org · CVE-2023-0669
CISA KEV catalog (canonical)