Many organizations continue to be vulnerable to a zero-day flaw in Fortra's GoAnywhere Managed File Transfer system, tracked as CVE-2023-0669, despite widespread exploitation by the Clop ransomware gang since February, reports The Record, a news site by cybersecurity firm Recorded Future.
Despite a 46% drop in exposed GoAnywhere admin panels since the emergence of a patch, such panels remained in 179 hosts more than two months after the zero-day vulnerability's disclosure, 30% of which continued to be unpatched, a report from Censys revealed.
"A single vulnerable instance has the potential to serve as a gateway to a data breach that could potentially impact millions of individuals," said Censys security researcher Himaja Motheram.
ALPHV/BlackCat ransomware has also been reported by security firm At-Bay to have leveraged the vulnerability to compromise an unnamed U.S.-based firm in February.
"Executing a ransomware attack by targeting the GoAnywhere MFT vulnerability is extremely easy with the exfiltration of data near certain, and the fast delivery of the payload also guaranteed," said At-Bay.