An out-of-bounds memory read vulnerability in EFT versions prior to 8.1.0.16 could allow attackers to bypass authentication or crash the administration server.
The investigation revealed that the attackers accessed files containing sensitive Personal Identifiable Information (PII). This data included: globalscape breach
, a widely used enterprise managed file transfer (MFT) solution, has faced several critical security challenges that highlight the ongoing risks in the digital supply chain. While Globalscape itself has not suffered a single catastrophic "breach" on the scale of the 2023 MOVEit incident, multiple high-risk vulnerabilities have been discovered that could have led—and in some cases did lead—to unauthorized data access and remote code execution. Understanding the Globalscape Security Landscape An out-of-bounds memory read vulnerability in EFT versions
Globalscape took the following steps: