Critical Authentication Bypass Bug Rated 9.8
One of the vulnerabilities, tracked as CVE-2026-4670, carries a critical CVSS severity score of 9.8 and affects the backend command port interface of MOVEit Automation. According to Progress Software, the flaw could allow unauthenticated attackers to bypass authentication mechanisms and gain unauthorized access to affected systems.
The second vulnerability, CVE-2026-5174, is rated 7.7 and stems from improper input validation that may enable privilege escalation. Security researchers warned that exploitation of the two flaws together could potentially give attackers administrative control over vulnerable MOVEit Automation environments.
Airbus SecLab researchers Anaïs Gantet, Delphine Gourdou, Quentin Liddell, and Matteo Ricordeau were credited with discovering and reporting the vulnerabilities.
Enterprise File Transfer Systems at Risk
MOVEit Automation is a managed file transfer (MFT) solution used by enterprises to automate and schedule secure file movement workflows. The software is widely deployed across industries including finance, healthcare, and government sectors.
Security experts noted that exploitation of the flaws could lead to unauthorized access, administrative control, and possible exposure of sensitive enterprise data. Progress Software stated in its advisory that there are currently no workarounds capable of mitigating the vulnerabilities without installing the official updates.
The affected versions include:
- MOVEit Automation 2025.1.4 and earlier
- MOVEit Automation 2025.0.8 and earlier
- MOVEit Automation 2024.1.7 and earlier
Patch Updates Released, Customers Urged to Upgrade
Progress has released patched versions 2025.1.5, 2025.0.9, and 2024.1.8 to address the vulnerabilities. The company said organizations must perform a full installer upgrade to remediate the issues.
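A small triage helper, added here as an example and not code from Progress or the advisory, that maps an inventory of installed MOVEit Automation versions onto the affected and fixed versions listed above. The function names, the dotted major.minor.patch version format and the sample inventory are assumptions; any branch not named in the advisory is reported as unlisted rather than guessed at.

```python
# Fixed versions per release branch, taken from the advisory figures quoted above:
# (major, minor) -> first patched patch level on that branch.
FIXED_BY_BRANCH = {
    (2025, 1): 5,  # 2025.1.4 and earlier affected, fixed in 2025.1.5
    (2025, 0): 9,  # 2025.0.8 and earlier affected, fixed in 2025.0.9
    (2024, 1): 8,  # 2024.1.7 and earlier affected, fixed in 2024.1.8
}


def parse_version(text):
    """Parse 'major.minor.patch' into a tuple of ints (assumed version format)."""
    parts = text.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(p) for p in parts)


def assess(version_text):
    """Return 'vulnerable', 'patched' or 'unlisted' for one installed version.

    Comparison is numeric within a branch, so 2025.1.10 correctly ranks
    above 2025.1.5 (a plain string compare would get this wrong).
    Branches not named in the advisory are 'unlisted': confirm them
    against the vendor advisory rather than assuming they are safe.
    """
    major, minor, patch = parse_version(version_text)
    fixed_patch = FIXED_BY_BRANCH.get((major, minor))
    if fixed_patch is None:
        return "unlisted"
    return "patched" if patch >= fixed_patch else "vulnerable"


def triage(inventory):
    """inventory: iterable of (host, version). Returns [(host, version, status)]."""
    return [(host, ver, assess(ver)) for host, ver in inventory]


# Constructed sample inventory (hypothetical hosts and versions).
SAMPLE_INVENTORY = [
    ("mft-prod-01", "2025.1.4"),
    ("mft-prod-02", "2025.1.5"),
    ("mft-dr-01", "2024.1.7"),
    ("mft-lab-01", "2023.0.3"),
]

if __name__ == "__main__":
    for host, ver, status in triage(SAMPLE_INVENTORY):
        print(f"{host:<12} {ver:<10} {status}")
```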
The vendor also advised administrators to monitor audit logs for signs of suspicious privilege escalation or unauthorized access attempts that may indicate exploitation activity.
Cybersecurity researchers and threat intelligence firms have urged enterprises to prioritize the updates because MOVEit products have previously been targeted in large-scale cyberattacks.
MOVEit Remains High-Value Target for Cybercriminals
The latest disclosure comes nearly three years after the 2023 MOVEit Transfer mass exploitation campaign linked to the Cl0p ransomware group. That incident impacted thousands of organizations globally and led to widespread data theft through exploitation of a zero-day SQL injection vulnerability.
Security analysts said the history of attacks against MOVEit products increases the urgency for organizations to patch newly disclosed vulnerabilities quickly before threat actors begin active exploitation campaigns.