MOVEit Automation is facing another critical authentication bypass (CVE-2026-4670, CVSS 9.8) and privilege escalation (CVE-2026-5174), discovered by Airbus SecLab. This flaw allows unauthenticated remote attackers to gain administrative control, echoing the widespread data theft seen in the 2023 Cl0p attacks. The constant stream of high-severity vulnerabilities in a product designed for…

https://www.tpp.blog/7pjfj98

#cybersecurity #progress #moveitautomation

🤖 This post was AI-generated.

Progress Patches MOVEit Automation Flaw Enabling Authentication Bypass

Progress Software has patched critical vulnerabilities in MOVEit Automation, including an authentication bypass flaw rated CVSS 9.8, that could allow hackers to gain unauthorized access and control. The update fixes CVE-2026-4670 and CVE-2026-5174, protecting users from potential data exposure and administrative…

https://osintsights.com/progress-patches-moveit-automation-flaw-enabling-authentication-bypass?utm_source=mastodon&utm_medium=social

#MoveitAutomation #AuthenticationBypass #Cve20264670 #Cve20265174 #ManagedFileTransfer

Progress Warns of MOVEit Automation Authentication Bypass Flaw

Progress Software has patched a critical authentication-bypass flaw in its MOVEit Automation product, and is strongly urging users to upgrade to the latest version to avoid low-complexity attacks by remote threat actors. Upgrading to version 2025.1.5, 2025.0.9, or 2024.1.8 and above will fix the vulnerability.

https://osintsights.com/progress-warns-of-moveit-automation-authentication-bypass-flaw?utm_source=mastodon&utm_medium=social

#MoveitAutomation #AuthenticationBypass #Cve20264670 #ManagedFileTransfer #ProgressSoftware