CISA Warns of Actively Exploited Wing FTP Server Vulnerability

CISA has warned U.S. government agencies to secure their Wing FTP Server instances against an actively exploited vulnerability that can be chained in remote code execution attacks. The agency added the flaw to its Known Exploited Vulnerabilities (KEV) catalog, indicating confirmed malicious exploitation. No specific CVE ID, technical details, or attack timelines were provided in the notice. The directive applies to federal civilian executive branch (FCEB) agencies, which must address the vulnerability by a specified deadline. The impact includes potential unauthorized remote code execution on vulnerable systems.