Globalscape Terms Patched

Relying solely on reactive patching is not enough to safeguard enterprise data. Organizations must adopt a proactive defense-in-depth approach.

Establish a Robust Patch Management Policy

In older instances of EFT Event Rules, file manipulation utilities faced exposure to a known "Zip Slip" directory traversal vulnerability. If left unpatched, malicious archive uploads could overwrite sensitive configuration files outside the intended target directory. Fortra delivered architectural validation patches to secure archive extraction directories.

CVE-2023-2989: Globalscape EFT Server Auth Bypass Flaw

This critical flaw affected the Globalscape EFT administration server in versions prior to 8.1.0.16. It involved an out-of-bounds memory read that could allow an attacker to bypass authentication or crash the service.

Globalscape’s security vulnerabilities are typically discovered through a combination of:

Fortra resolved this vulnerability by enforcing strict input validation parameters within the core code. Security teams completely eliminated the risk by upgrading production deployments to Globalscape EFT Version 8.1.0.16 or later.

The Recursive Deflate Stream Exploit (CVE-2023-2990)

Best Practices for Maintaining a Secure Globalscape EFT Environment

Flaws that allow users to gain administrative privileges without providing valid credentials.
