CVE-2025-10035
CVSS Score
V3.1
Attack Vector Metrics
Impact Metrics
Description
A deserialization vulnerability in the License Servlet of Fortra's GoAnywhere MFT allows an actor with a validly forged license response signature to deserialize an arbitrary actor-controlled object, possibly leading to command injection.
Available Exploits
Related News
CVE-2025-10035, a perfect CVSS 10.0 vulnerability in the Fortra GoAnywhere managed file transfer solution, has apparently been exploited in zero-day attacks before the patch was released on September 15, 2025. Evidence of in-the-wild exploitation revealed On …
watchTowr Labs says hackers exploited the Fortra GoAnywhere MFT flaw CVE-2025-10035 on Sept 10, 2025, a week before public disclosure. Cybersecurity firm watchTowr Labs revealed that it has ‘credible evidence’ that the critical Fortra GoAnywhere MFT flaw CVE-…
Hackers are actively exploiting a maximum severity vulnerability (CVE-2025-10035) in Fortra's GoAnywhere MFT that allows injecting commands remotely without authentication. [...]
CVE-2025-10035 (CVSS 10.0) is a new critical severity vulnerability in Fortra GoAnywhere MFT (Managed File Transfer). This maximum-risk CVE could provide attackers with unauthenticated remote command execution (RCE). All users should patch with urgency. GoAny…
Eight days before patches, a threat actor exploited CVE-2025-10035 as a zero-day to create a backdoor admin account. The post Recent Fortra GoAnywhere MFT Vulnerability Exploited as Zero-Day appeared first on SecurityWeek.
Affected Products
Affected Versions:
Known Exploited Vulnerability
This vulnerability is actively being exploited in the wild
Remediation Status
Due Date
Added to KEV
Required Action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Affected Product
Ransomware Risk
EU Vulnerability Database
Monitored by ENISA for EU cybersecurity
ENISA Analysis
A deserialization vulnerability in the License Servlet of Fortra's GoAnywhere MFT allows an actor with a validly forged license response signature to deserialize an arbitrary actor-controlled object, possibly leading to command injection.
Affected Products (ENISA)
ENISA Scoring
CVSS Score (3.1)
EPSS Score
ENISA References
Data provided by ENISA EU Vulnerability Database. Last updated: September 20, 2025
GitHub Security Advisories
Community-driven vulnerability intelligence from GitHub
Advisory Details
CVSS Scoring
CVSS Score
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
References
Advisory provided by GitHub Security Advisory Database. Published: September 19, 2025, Modified: September 19, 2025
Social Media Intelligence
Real-time discussions and threat intelligence from social platforms
🔥 Top 10 Trending CVEs (28/09/2025)
Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today:
**1. [CVE-2025-27363](https://nvd.nist.gov/vuln/detail/CVE-2025-27363)**
- 📝 An out of bounds write exists in FreeType versions 2.13.0 and below (newer versions of FreeType are not vulnerable) when attempting to parse font subglyph structures related to …
Top Cybersecurity Update
* 👤 **Espionage near EU institutions** → Two Dutch teens arrested for spying with a Wi-Fi sniffer near Europol/Eurojust. Allegedly linked to pro-Russian hackers.
* ⚠️ **GoAnywhere Zero-Day (CVE-2025-10035)** → Actively exploited, attackers gain full control via “admin-go” backdoor.
* 🌍 **U.S. Govt Agency Breached** → Authorities …
It Is Bad (Exploitation of Fortra GoAnywhere MFT CVE-2025-10035) - Part 2
🔥 Top 10 Trending CVEs (27/09/2025)
Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today:
**1. [CVE-2025-20363](https://nvd.nist.gov/vuln/detail/CVE-2025-20363)**
- 📝 A vulnerability in the web services of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, Cisco Secure Firewall Threat Defense (FTD) Software, Cisco IOS Software, Cisco IOS XE …
GoAnywhere MFT Zero-Day (CVE-2025-10035) Actively Exploited Before Disclosure
Security researchers at WatchTowr Labs confirmed that Fortra’s GoAnywhere MFT flaw (CVE-2025-10035) was exploited as a zero-day *8 days before* the vendor’s advisory.
Key details:
* Pre-auth deserialization bug in License Servlet
* Remote code execution + backdoor admin-go account
* Payloads …
Maximum severity GoAnywhere MFT flaw exploited as zero day
Hackers are actively exploiting a maximum severity vulnerability (CVE-2025-10035) in Fortra's GoAnywhere MFT that allows injecting commands remotely without authentication. [...]
**CVEs:** CVE-2025-10035
**Source:** https://www.bleepingcomputer.com/news/security/maximum-severity-goanywhere-mft-flaw-exploited-as-zero-day/
🔥 Top 10 Trending CVEs (26/09/2025)
Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today:
**1. [CVE-2025-20333](https://nvd.nist.gov/vuln/detail/CVE-2025-20333)**
- 📝 A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, …
It Is Bad (Exploitation of Fortra GoAnywhere MFT CVE-2025-10035) - Part 2 - watchTowr Labs
CVE-2025-10035: Critical Deserialization Vulnerability in Fortra’s GoAnywhere MFT
🔥 Top 10 Trending CVEs (25/09/2025)
Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today:
**1. [CVE-2025-51591](https://nvd.nist.gov/vuln/detail/CVE-2025-51591)**
- 📝 A Server-Side Request Forgery (SSRF) in JGM Pandoc v3.6.4 allows attackers to gain access to and compromise the whole infrastructure via injecting a crafted iframe.
- 📅 **Published:** …