Notice:
A security flaw has been found in Biscom Secure File Transfer server that can be exploited as part of a spear phishing attack to steal user credentials.
The severity of this issue is considered High.
The following versions are affected:
- All versions of SFT 5 through 5.1.1081
- All versions of SFT 6 through 6.0.1010
The fixed versions are:
- SFT 5.1.1082 and later
- SFT 6.0.1011 and later
It is recommended that all affected versions of SFT be upgraded immediately.
Issue summary:
This document will be updated to include the specifics of the exploit 90 days after publication to ensure all customers of SFT have been notified and had a chance to upgrade.
Fix details:
The application has been updated to check for and prevent attempts to exploit this issue.