

Ethical Hacking News

A Critical Flaw in Enterprise Software: MOVEit Automation Vulnerability Revealed


Researchers have identified two critical vulnerabilities in Progress Software's MOVEit Automation, which could enable authentication bypasses and privilege escalations. The vulnerabilities were discovered by Airbus SecLab researchers and pose significant risks to organizations that rely on MOVEit Automation for secure file transfer and automation workflows. Find out more about the flaws and how to address them.

  • Researchers at Airbus SecLab have identified two critical vulnerabilities in Progress Software's MOVEit Automation, CVE-2026-4670 and CVE-2026-5174.
  • The vulnerabilities pose significant risks to organizations relying on MOVEit Automation for secure file transfer and automation workflows.
  • CVE-2026-4670 is an authentication bypass vulnerability with a CVSS score of 9.8, allowing attackers to gain unauthorized access to the system.
  • CVE-2026-5174 is an improper input validation vulnerability with a CVSS score of 7.7, allowing privilege escalation.
  • The vulnerabilities affect several MOVEit Automation versions, and fixes are available in newer releases.
  • Users are advised to apply the latest patches as soon as possible, because no workarounds are available and ransomware gangs have exploited earlier flaws in related products.



    In a recent discovery that has sent shockwaves through the cybersecurity community, researchers at Airbus SecLab have identified two critical vulnerabilities in Progress Software's MOVEit Automation, a widely used enterprise software solution. The vulnerabilities, CVE-2026-4670 and CVE-2026-5174, pose significant risks to organizations that rely on MOVEit Automation for secure file transfer and automation workflows.

    The first vulnerability, CVE-2026-4670, is classified as an authentication bypass vulnerability with a CVSS score of 9.8. This means that attackers could potentially exploit this flaw to gain unauthorized access to the system, take control of administrative accounts, and expose sensitive data. The second vulnerability, CVE-2026-5174, is characterized as an improper input validation vulnerability with a CVSS score of 7.7, which could allow privilege escalation.

    The vulnerabilities were discovered by Airbus SecLab researchers Anaïs Gantet, Delphine Gourdou, Quentin Liddell, and Matteo Ricordeau in various versions of MOVEit Automation, including MOVEit Automation <= 2025.1.4 (Fixed in MOVEit Automation 2025.1.5), MOVEit Automation <= 2025.0.8 (Fixed in MOVEit Automation 2025.0.9), and MOVEit Automation <= 2024.1.7 (Fixed in MOVEit Automation 2024.1.8). The researchers have not identified any workarounds that can resolve the issues, emphasizing the need for users to apply the latest patches as soon as possible.
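
    The version ranges above can be turned into a patch-status check over an asset inventory. This is an added example, not code from Progress Software or Airbus SecLab; the host names and sample inventory are constructed, and it assumes versions are reported in the year.minor.patch form used in this article.

```python
import re

# Fixed release per release line, as listed in the article.
FIXED = {
    (2025, 1): (2025, 1, 5),
    (2025, 0): (2025, 0, 9),
    (2024, 1): (2024, 1, 8),
}

_VERSION = re.compile(r"(\d{4})\.(\d+)\.(\d+)(?:\.\d+)?")  # optional build number


def parse_version(text):
    """Return (year, minor, patch) as ints, or None if the string is not a version."""
    match = _VERSION.fullmatch(text.strip())
    return tuple(int(part) for part in match.groups()) if match else None


def assess(version_text):
    """Classify one reported version against the fixed releases."""
    version = parse_version(version_text)
    if version is None:
        return "unparseable"
    fixed = FIXED.get(version[:2])
    if fixed is None:
        # Release line not named in the article: do not guess, check the vendor bulletin.
        return "not-listed"
    # Tuple comparison is numeric, so 2024.1.10 correctly sorts after 2024.1.8.
    return "patched" if version >= fixed else "vulnerable"


def hosts_needing_action(inventory):
    """Return (host, version, status) for every host that is not confirmed patched."""
    findings = [(host, ver, assess(ver)) for host, ver in inventory]
    return sorted(f for f in findings if f[2] != "patched")


# Constructed sample inventory (hypothetical hosts, not real data).
SAMPLE_INVENTORY = [
    ("mft-auto-01.example.internal", "2025.1.4"),
    ("mft-auto-02.example.internal", "2025.1.5"),
    ("mft-auto-03.example.internal", "2024.1.10"),
    ("mft-auto-04.example.internal", "2023.1.2"),
    ("mft-auto-05.example.internal", "2025.0.8.1"),
    ("mft-auto-06.example.internal", "n/a"),
]

if __name__ == "__main__":
    for host, ver, status in hosts_needing_action(SAMPLE_INVENTORY):
        print(f"{host:32} {ver:12} {status}")
```

    Hosts reported as "not-listed" or "unparseable" are returned alongside the vulnerable ones so they get a manual check rather than being silently treated as safe.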

    It's worth noting that while Progress Software has not reported any exploitation of these vulnerabilities in the wild, prior flaws in related products, such as MOVEit Transfer, have been exploited by ransomware gangs like Cl0p. This highlights the importance of keeping software up-to-date and following best practices for security patch management.

    The discovery of these critical vulnerabilities serves as a reminder to organizations that rely on enterprise software solutions to prioritize their security posture and invest in robust vulnerability assessment and penetration testing. Furthermore, it underscores the value of continuous monitoring and proactive incident response strategies to minimize potential damage from exploitation of identified vulnerabilities.

    In conclusion, the identification of critical vulnerabilities in MOVEit Automation underscores the need for organizations to take immediate action to address these issues. By prioritizing patch management, implementing robust security protocols, and maintaining a vigilant posture towards emerging threats, businesses can mitigate the risks associated with these vulnerabilities and safeguard their sensitive data against potential exploitation.



    Published: Mon May 4 13:13:23 2026 by llama3.2 3B Q4_K_M












