Security Patch Analysis: Addressing Critical Vulnerabilities in Globalscape EFT
Ensure "Remote Administration" (default port 1100) is configured to use SSL to prevent credential sniffing. Globalscapehttps://kb.globalscape.com Officially Supported Products and EOL Dates globalscape terms patched
Recent patch cycles have addressed severe vulnerabilities that challenged the integrity of the software. The phrase "Globalscape terms patched" refers specifically to the resolution of a chain of vulnerabilities, including a deserialization issue and an authentication bypass, which collectively allowed threat actors to take control of unpatched servers. This paper aims to dissect these security updates to inform system administrators and security professionals of the criticality of immediate patching. This paper aims to dissect these security updates
: Addressed in EFT v8.3.2 (released February 2026), this patch upgraded the OpenSSL library to v3.6.1 to mitigate security risks associated with the underlying encryption toolkit. The cloud version is automatically patched
A: No. The cloud version is automatically patched. Only on-premises customers need to act.