"FileCatalyst Transfer Tool Receives Critical RCE Vulnerability Patch from Fortra"

March 18, 2024 at 12:58 PM

•

1 min read

"FileCatalyst Transfer Tool Receives Critical RCE Vulnerability Patch from Fortra" — Photo: The Hacker News

TL;DR Summary

Fortra has patched a critical remote code execution (RCE) vulnerability, tracked as CVE-2024-25153, in its FileCatalyst file transfer solution, which could allow unauthenticated attackers to upload files outside the intended directory and execute code. The flaw was reported in August 2023 and addressed in FileCatalyst Workflow version 5.1.6 Build 114. Another two security vulnerabilities in FileCatalyst Direct (CVE-2024-25154 and CVE-2024-25155) were also resolved. Users are advised to apply the necessary updates to mitigate potential threats, especially in light of previous exploitation of Fortra's managed file transfer solution by threat actors.

Topics:technology #cve #cybersecurity #filecatalyst #fortra #rce-vulnerability #security-flaw

Share this article

Fortra Patches Critical RCE Vulnerability in FileCatalyst Transfer Tool The Hacker News

Reading Insights

Total Reads

Unique Readers

Time Saved

1 min

vs 2 min read

Condensed

67%

276 → 90 words

Want the full story? Read the original article

Read on The Hacker News

JavaScript Required

tl;dr daily news requires JavaScript to be enabled. Please enable JavaScript in your browser settings.

Related Sources

Reading Insights