CrushFTP Zero-Day Exploited (CVE-2025-54309)

On July 18, CrushFTP warned that a zero-day in its CrushFTP software was being exploited in the wild.

CVE	Description	CVSSv3
CVE-2025-54309	Unprotected Alternate Channel Vulnerability	9.0

According to CrushFTP, the vulnerability was first discovered as being exploited on July 18 at 9AM CST, though they caution that exploitation may have “been going on for longer.”

For more information about the vulnerability, including the availability of patches and Tenable product coverage, please visit our blog.

Cyber Exposure Alerts

Tenable Research

Tenable Vulnerability Management

Vulnerability Watch

Forum Discussion

CrushFTP Zero-Day Exploited (CVE-2025-54309)

Recent Discussions

Microsoft’s September 2025 Patch Tuesday Addresses 80 CVEs (CVE-2025-55234)

Frequently Asked Questions About Chinese State-Sponsored Actors Compromising Global Networks

CVE-2025-7775: Citrix NetScaler ADC and Gateway Zero-Day RCE Vulnerability Exploited in the Wild

CVE-2025-25256: Proof of Concept Released for Fortinet FortiSIEM Command Injection Vulnerability

Microsoft’s August 2025 Patch Tuesday Addresses 107 CVEs (CVE-2025-53779)

Americas

Europe

Asia / Australia