
Core FTP/SFTP Server 1.2 buffer overflow sparks instant denial of service outage risk

What happened

About 45 minutes ago a high severity flaw in Core FTP/SFTP Server 1.2 was published: a buffer overflow that lets an attacker crash the service by stuffing the User domain field with an excessively long string. The advisory notes that a malicious payload of roughly 7000 bytes in the domain configuration field triggers an application crash, causing a denial of service.

The issue is listed with a severity score of 8.7. The affected product is explicitly Core FTP/SFTP Server version 1.2. The report does not say whether exploit code is publicly available, nor does it disclose how the vulnerability was discovered.

Why this matters to businesses

If your organisation runs Core FTP/SFTP Server 1.2, you can face immediate outages to file transfer workflows and integration points. Those services often sit behind backup jobs, partner connectors and automation, so a single crash can ripple into missed transfers and failed jobs.

That ripple shows up as operational cost, extra support time and potential SLA breaches, and of course customers notice downtime. And honestly, patch-later thinking is one of those habits that turns a small bug into a board problem, so treat this as something to prioritise.

If you’ve got the same weakness, here’s what happens next

An attacker who can reach the affected service can repeatedly crash it, creating persistent unavailability until you patch or isolate the host. That creates repeated manual work, emergency changes outside normal windows and pressure on incident responders.

Since the flaw is triggered through a specific configuration field, finding out whether you are exposed depends on accurate asset records and version tracking. Miss those and you only find out when a partner reports failures or your monitoring alarms light up.

What to do on Monday morning

  • Run an immediate inventory for Core FTP/SFTP Server 1.2 and list any business processes that depend on it.
  • Check the vendor advisory and apply any vendor patch straight away; if no patch is available, plan isolation or replacement.
  • Block external access to the service where possible, restrict management interfaces and limit exposure to trusted networks only.
  • Deploy temporary mitigations such as rate limits, WAF rules or proxies that reject oversized domain fields.
  • Verify backups and practice restores for systems relying on the FTP service so you can recover without surprises.
  • Increase logging and monitoring around the FTP service and integration points to detect crash patterns and attack attempts early.
  • Notify affected partners and customers, explain mitigations and share a realistic remediation timetable.
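One way to put the mitigation and monitoring steps above into practice, as an added example that is not the advisory's or the vendor's own code: a small Python detector that flags login attempts whose domain field is oversized and bursts of service crashes, run over constructed sample log lines. The log line format, the field names, the 512-byte ceiling and the crash-burst window are all assumptions; map the regexes to what your FTP server or fronting proxy actually writes.

```python
import re
from datetime import datetime, timedelta

# Conservative ceiling for the domain field: the advisory cites ~7000 bytes as
# the crash trigger, so a value anywhere near that size has no legitimate use.
MAX_DOMAIN_LEN = 512
CRASH_WINDOW = timedelta(minutes=10)   # assumed tuning values
CRASH_THRESHOLD = 3

# Constructed log format (NOT Core FTP's real format); adjust to your source.
LOGIN_RE = re.compile(r"^(\S+ \S+) LOGIN src=(\S+) user=(\S*) domain=(\S*)$")
CRASH_RE = re.compile(r"^(\S+ \S+) SERVICE_CRASH")


def parse_ts(s):
    return datetime.strptime(s, "%Y-%m-%d %H:%M:%S")


def find_oversized_domains(lines, limit=MAX_DOMAIN_LEN):
    """Return (timestamp, source, length) for logins whose domain exceeds limit."""
    hits = []
    for line in lines:
        m = LOGIN_RE.match(line)
        if m and len(m.group(4)) > limit:
            hits.append((m.group(1), m.group(2), len(m.group(4))))
    return hits


def find_crash_bursts(lines, window=CRASH_WINDOW, threshold=CRASH_THRESHOLD):
    """True if at least `threshold` crashes occur within any `window`."""
    times = sorted(parse_ts(m.group(1)) for m in map(CRASH_RE.match, lines) if m)
    for i in range(len(times) - threshold + 1):
        if times[i + threshold - 1] - times[i] <= window:
            return True
    return False


# Constructed sample: a normal login, an oversized-domain login, three crashes.
SAMPLE_LOG = [
    "2024-05-06 08:00:01 LOGIN src=10.0.0.5 user=backup domain=corp.example",
    "2024-05-06 08:01:10 LOGIN src=203.0.113.9 user=test domain=" + "A" * 7000,
    "2024-05-06 08:01:11 SERVICE_CRASH pid=4120",
    "2024-05-06 08:03:40 SERVICE_CRASH pid=4188",
    "2024-05-06 08:05:02 SERVICE_CRASH pid=4201",
]

if __name__ == "__main__":
    for ts, src, n in find_oversized_domains(SAMPLE_LOG):
        print(f"{ts} oversized domain field ({n} bytes) from {src}")
    print("crash burst detected:", find_crash_bursts(SAMPLE_LOG))
```

The same length check can be enforced upstream in a proxy so oversized fields never reach the server, while the crash-burst rule gives responders an early alarm even when the source is not logged.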

Where ISO standards fit, without the sales pitch

An ISO 27001 aligned approach requires you to keep an accurate asset inventory and run a regular vulnerability management cycle, which reduces the chance of missing Core FTP/SFTP Server 1.2 sitting in production. For practical guidance on setting that up see Synergos Consultancy’s ISO 27001 guidance.

When continuity and recovery are the risk drivers, an ISO 22301 style business continuity plan gives you tested fallback options, so you don’t have to invent communications and workarounds during an outage. See Synergos Consultancy’s business continuity guidance for sensible steps.

For smaller suppliers and baseline controls, consider IASME certification as a way to drive consistent basics across third parties and hosted tools, which helps stop cheap single-point failures from becoming operational crises.

Wrap-up

This Core FTP/SFTP Server 1.2 vulnerability is specific and recent, so find it, fix or isolate it and practise the recovery steps before the next file transfer fails unexpectedly.

Adam Cooke
As the Operations and Compliance Manager, Adam oversees all aspects of the business, ensuring operational efficiency and regulatory compliance. Committed to high standards, he ensures everyone is heard and supported. With a strong background in the railway industry, Adam values rigorous standards and safety. Outside of work, he enjoys dog walking, gardening, and exploring new places and cuisines.