Fortra’s acknowledgment of the exploitation of CVE-2025-10035 marks a significant moment in its response to ongoing security concerns. Despite confirming unauthorized activities linked to this vulnerability, there is still a cloud of mystery surrounding how attackers gained access to the required private key for exploitation. This uncertainty persists even as researchers from notable firms like watchTowr, Rapid7, and VulnCheck have detailed the exploitation process.
The vulnerability in question has led to increased scrutiny and concerns, particularly since the Cybersecurity and Infrastructure Security Agency included it in its catalog of exploited vulnerabilities. Fortra began investigating the issue after a customer reported suspicious activities in September, leading to timely notifications and updates to affected customers. Although a patch was deployed shortly after, there are questions regarding the extent of the exploitation, especially in environments that were not hosted by Fortra.
The involvement of the Storm-1175 cybercriminal group in exploiting this vulnerability to conduct ransomware attacks further underscores the urgency of the situation. While Fortra has made strides in transparency, much remains uncertain regarding the full impact and methods of exploitation associated with CVE-2025-10035.
👉 Pročitaj original: CyberScoop
