CISA Warns - Actively Exploited Wing FTP Server Vulnerability
Basically, there's a serious flaw in Wing FTP Server that hackers are using to take control of systems.
CISA has issued a critical warning about a vulnerability in Wing FTP Server that's being actively exploited. This affects thousands of users globally. Immediate patching is essential to prevent potential data breaches and attacks.
The Flaw
CISA has issued a warning regarding a critical vulnerability in Wing FTP Server, identified as CVE-2025-47813. This flaw is particularly dangerous because it allows low-privileged attackers to discover the full local installation path of the software. The path disclosure does not execute code by itself, but the disclosed path can be used to launch remote code execution attacks, which could compromise the server and the data it manages.
This vulnerability is not standalone; it can be chained with another critical flaw, CVE-2025-47812, and an information disclosure vulnerability, CVE-2025-27889. Together, these vulnerabilities could allow attackers to steal user passwords and gain unauthorized access to sensitive information. With over 10,000 customers globally using Wing FTP Server, including major organizations, the potential impact is significant.
What's at Risk
The risk posed by CVE-2025-47813 is severe, especially for organizations that rely on Wing FTP Server for file transfers and storage. If the disclosed path is used to launch a remote code execution attack, attackers could execute arbitrary code on the server, leading to data breaches and loss of sensitive information. Because the vulnerability is being actively exploited, immediate action is crucial for all users.
Organizations that fail to patch this vulnerability not only risk data loss but also potential reputational damage and legal repercussions. The urgency of the situation is underscored by CISA's directive mandating federal agencies to apply mitigations within two weeks.
Patch Status
A patch for the vulnerability was released in version 7.4.4 of Wing FTP Server in May 2025. This update addresses CVE-2025-47813, but many organizations may still be operating on older versions. Proof-of-concept exploit code for this vulnerability was made public in June 2025, further increasing the urgency for organizations to update their systems.
CISA has added CVE-2025-47813 to its catalog of actively exploited vulnerabilities. While the directive primarily targets federal agencies, CISA strongly encourages all organizations, including those in the private sector, to patch their systems promptly.
Immediate Actions
Organizations using Wing FTP Server should take immediate steps to secure their systems. Here are the recommended actions:
- Update to the latest version (7.4.4 or higher) of Wing FTP Server.
- Review system configurations for signs that unauthorized access has occurred.
- Monitor network traffic for any signs of exploitation attempts.
- Educate staff about the risks associated with unpatched vulnerabilities.
By taking these proactive measures, organizations can significantly reduce their risk of falling victim to attacks exploiting this critical vulnerability.
SC Media