Progress Software has issued security updates to remediate two vulnerabilities affecting MOVEit Automation, one of which is rated critical and could allow attackers to bypass authentication mechanisms entirely.
MOVEit Automation, previously known as MOVEit Central, is a server‑based managed file transfer (MFT) platform used by enterprises to orchestrate and automate file transfer workflows. The solution enables scheduled and event‑driven file movement across systems without the need for custom scripting, making it a core component of many organizations’ data‑exchange infrastructure.
The flaws addressed in the latest release are tracked as CVE‑2026‑4670 and CVE‑2026‑5174. The first issue, CVE‑2026‑4670, carries a CVSS score of 9.8 and allows for an authentication bypass, potentially enabling unauthenticated attackers to gain access to protected MOVEit Automation services. The second vulnerability, CVE‑2026‑5174, is rated 7.7 and stems from improper input validation that could be abused to achieve privilege escalation.
In a security advisory, Progress Software warned that exploitation of these weaknesses could occur through the product’s service backend command port interfaces, stating that successful attacks may result in unauthorized system access, elevation to administrative privileges, and exposure of sensitive data.
The vulnerabilities impact the following versions of MOVEit Automation:
- Versions up to 2025.1.4, resolved in 2025.1.5
- Versions up to 2025.0.8, resolved in 2025.0.9
- Versions up to 2024.1.7, resolved in 2024.1.8
Progress confirmed that no mitigations or workarounds are available that fully address the issues short of applying the official patches. Organizations running affected versions are therefore required to upgrade to the fixed releases to eliminate the risk.
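As an added example (not code from Progress or from the original article), the Python sketch below triages an inventory of MOVEit Automation version strings against the fixed releases listed above. The hostnames and inventory rows are constructed sample data, and treating branches the article does not list as "unlisted-branch" for manual review is an assumption.

```python
# Added example: triage an inventory against the fixed releases listed above.
# Branch -> first fixed release, taken from the article's version list.
FIXED = {
    (2025, 1): (2025, 1, 5),
    (2025, 0): (2025, 0, 9),
    (2024, 1): (2024, 1, 8),
}

# Constructed sample inventory (hostnames and versions are illustrative).
SAMPLE_INVENTORY = [
    ("mft-prod-01", "2025.1.4"),
    ("mft-prod-02", "2025.1.5"),
    ("mft-dr-01", "2025.0.8"),
    ("mft-test-01", "2024.1.10"),
    ("mft-legacy-01", "2023.1.2"),
    ("mft-lab-01", "unknown"),
]

def parse_version(text):
    """Parse 'YYYY.M.P' into a tuple of ints; raise ValueError otherwise."""
    parts = text.strip().split(".")
    if len(parts) != 3 or not all(p.isascii() and p.isdigit() for p in parts):
        raise ValueError(f"unexpected version format: {text!r}")
    return tuple(int(p) for p in parts)

def classify(version_text):
    """Return (status, upgrade_target) for one installed version string."""
    try:
        version = parse_version(version_text)
    except ValueError:
        return "unparseable", None
    fixed = FIXED.get(version[:2])
    if fixed is None:
        # Assumption: the article says nothing about other branches,
        # so flag them for manual review rather than calling them safe.
        return "unlisted-branch", None
    target = ".".join(str(n) for n in fixed)
    # Tuple comparison is numeric, so 2024.1.10 sorts after 2024.1.8.
    return ("affected" if version < fixed else "fixed"), target

def triage(inventory):
    """Classify every host; hosts that need attention sort first."""
    order = {"affected": 0, "unlisted-branch": 1, "unparseable": 2, "fixed": 3}
    rows = [(host, ver, *classify(ver)) for host, ver in inventory]
    return sorted(rows, key=lambda r: (order[r[2]], r[0]))

if __name__ == "__main__":
    for host, ver, status, target in triage(SAMPLE_INVENTORY):
        print(f"{host:14} {ver:10} {status:16} upgrade to: {target or 'n/a'}")
```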
The vulnerabilities were discovered and responsibly disclosed by researchers from Airbus SecLab, including Anaïs Gantet, Delphine Gourdou, Quentin Liddell, and Matteo Ricordeau, who were credited by Progress for their findings.
While there are currently no indications that the flaws are being actively exploited, Progress emphasized the importance of timely remediation. This urgency is heightened by the platform’s history: earlier vulnerabilities in MOVEit Transfer were famously leveraged by ransomware groups such as Cl0p, resulting in widespread data breaches across multiple industries.
Given the critical role MOVEit Automation plays in enterprise data workflows, administrators are strongly advised to apply the latest security updates as soon as possible to minimize exposure and prevent potential compromise.
