EC2 Instance FTP (20) Port Open to Public

Tenacity Id

Risk Level




Last Updated:

April 21, 2022

An assigned AWS Security Group allows public access to the File Transport Protocol (FTP) data port (20). FTP is not encrypted and transmits data in plaintext. Unencrypted data sent via FTP could be exposed to unauthorized or unintended applications, users, or malicious actors. Remove the inbound rule allowing FTP (port 20) in this Security Group.