Filter by Category

GoAnywhere MFT Not Affected by EFAIL Vulnerabilities

goanywhere MFT already prevents EFAIL vulnerabilities

Ashland, NE, May 16, 2018

In light of the recent Open PGP & S/MIME warning (EFAIL), GoAnywhere has performed a software security review of its managed file transfer solution to ensure customers and their encrypted emails are not affected by this vulnerability. The review was positive and demonstrates that GoAnywhere MFT is already protected from EFAIL.

The EFAIL warning identifies a weakness with encrypted emails and how secure content can be exfiltrated. The weakness can be further exploited by using the CBC/CFB gadget attack on Open PGP encrypted MIME parts. An attacker may intercept and alter an encrypted email and add specially crafted HTML MIME parts, which causes vulnerable email clients to send decrypted data to an external party.

While GoAnywhere MFT can process Open PGP encrypted files, it does not support Open PGP encrypted emails. GoAnywhere is not affected by the CBC/CFB gadget attack on Open PGP and S/MIME. Instead, the software uses standard SSL/TLS to decrypt email messages. When messages are retrieved from a mail server, GoAnywhere maintains a separation between MIME parts, writing each part to their own unique file.

Additionally, the software does not evaluate or render HTML emails, mitigating the risk of a direct exfiltration attack.

The GoAnywhere team is dedicated to the continued stability and security of its products. Further security reviews will be performed as new information is published.

Latest Posts


Ransomware Attacks on Small Businesses: How to Mitigate

July 21, 2021

Small businesses are just as vulnerable as large enterprises to cyberthreats and ransomware attacks. Robust security defense strategies, including MFT, can help.


What is Extreme File Transfer, and How does it help organizations move large files more efficiently?

July 20, 2021

Learn what extreme file transfer (XFT) is and what it can do for your organization.


This Month in Cybersecurity

July 20, 2021

Ready to learn more about how to protect your organization from cybersecurity threats? Learn what’s new in the world of cybersecurity as well as how you can continue to implement preventative cybersecurity practices.


How Managed File Transfer Supports SWIFT Compliance

July 15, 2021

Any organization that handles sensitive financial data knows that secure transfers are essential to data security. Discover how a secure file transfer solution can support and enhance your SWIFT usage.


GDPR and its Relationship with Healthcare

July 13, 2021

GDPR establishes protections for the security of sensitive data for individuals in the EU. Read our blog to learn more about GDPR and how it impacts the healthcare industry.