Filecatalyst+breached !!install!!

Exploiting RCE allows attackers to use the file transfer server as a "beachhead" to move laterally into the internal network.

Fortra has released security updates to address these issues. Users are strongly advised to verify their current version: Vulnerability Required Version/Build (RCE) 5.1.6 Build 114 or later CVE-2024-5276 (SQLi) 5.1.6 Build 139 or later CVE-2024-6633 (DB PW) Upgrade to latest (Deprecate HSQLDB) FI-2024-007 (Hard-coded) Direct / Workflow 3.8.10 Build 138 / 5.1.6 Build 130 filecatalyst+breached

FileCatalyst has acknowledged the breach and is working to contain the incident. The company has promised to provide updates on the situation and is urging users to take necessary precautions. Exploiting RCE allows attackers to use the file

March 18, 2024. A critical vulnerability in the Fortra FileCatalyst managed file transfer (MFT) service could enable remote code e... SC Media Critical Vulnerability in FileCatalyst Workflow (CVE-2024-5276) On June 25th, software company Fortra disclosed a critical severity vulnerability in their managed file transfer software applicat... Beazley Security CVE-2024-25153: RCE in Fortra FileCatalyst - LRQA Mar 13, 2024 — The company has promised to provide updates on

The breach may have exposed sensitive data, including files and user information, to unauthorized parties. Users who have stored sensitive data on FileCatalyst are advised to take immediate action to protect themselves.