Egnyte Storage Sync versions prior to v13.13 were exploited as a lateral movement and data staging platform in the VerdantBamboo MSP pivot campaign. No CVE identifier is assigned to this product flaw in the source intelligence, but the exposure is confirmed active: the product served as a persistence and data collection node in an 18-month undetected intrusion. Upgrade to v13.13 is the remediation baseline.