Progress Patches Critical MOVEit Automation Bug Enabling Authentication Bypass

Summary

Progress Software released security updates addressing two vulnerabilities in MOVEit Automation: CVE-2026-4670 (CVSS 9.8), a critical authentication bypass, and CVE-2026-5174 (CVSS 7.7), an improper input validation flaw enabling privilege escalation. The flaws affect multiple versions and could allow unauthorized access, administrative control, and data exposure through backend command port interfaces. No workarounds exist; immediate patching is recommended, particularly given prior MOVEit Transfer exploitations by ransomware groups like Cl0p.

Full text

Progress Patches Critical MOVEit Automation Bug Enabling Authentication Bypass Ravie LakshmananMay 04, 2026Vulnerability / Enterprise Software Progress Software has released updates to address two security flaws in MOVEit Automation, including a critical bug that could result in an authentication bypass. MOVEit Automation (formerly Central) is a secure, server-based managed file transfer (MFT) solution used to schedule and automate file movement workflows in enterprise environments without requiring any custom scripts. The vulnerabilities in question are CVE-2026-4670 (CVSS score: 9.8), an authentication bypass vulnerability, and CVE-2026-5174 (CVSS score: 7.7), an improper input validation vulnerability that could allow privilege escalation. "Critical and high vulnerabilities in MOVEit Automation may allow authentication bypass and privilege escalation through the service backend command port interfaces," Progress Software said in an advisory. "Exploitation may lead to unauthorized access, administrative control, and data exposure." The shortcomings affect the following versions - MOVEit Automation <= 2025.1.4 (Fixed in MOVEit Automation 2025.1.5) MOVEit Automation <= 2025.0.8 (Fixed in MOVEit Automation 2025.0.9) MOVEit Automation <= 2024.1.7 (Fixed in MOVEit Automation 2024.1.8) Airbus SecLab researchers Anaïs Gantet, Delphine Gourdou, Quentin Liddell, and Matteo Ricordeau have been credited with discovering and reporting the two vulnerabilities. There are no workarounds that resolve the issues. While Progress makes no mention of the flaws being exploited in the wild, it's essential that users apply the fixes as soon as possible for optimal protection, particularly given that prior flaws in MOVEit Transfer have been exploited by ransomware gangs like Cl0p. Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post. SHARE     Tweet Share Share Share SHARE  cybersecurity, data security, Enterprise Software, network security, Patch Management, privilege escalation, Threat Intelligence, Vulnerability ⚡ Top Stories This Week Harvester Deploys Linux GoGra Backdoor in South Asia Using Microsoft Graph API Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain Apple Fixes iOS Flaw That Let FBI Recover Deleted Signal Messages Vercel Finds More Compromised Accounts in Context.ai-Linked Breach ThreatsDay Bulletin: $290M DeFi Hack, macOS LotL Abuse, ProxySmart SIM Farms +25 New Stories Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Disclosure FIRESTARTER Backdoor Hit Federal Cisco Firepower Device, Survives Security Patches Researchers Uncover Pre-Stuxnet ‘fast16’ Malware Targeting Engineering Software ⚡ Weekly Recap: Fast16 Malware, XChat Launch, Federal Backdoor, AI Employee Tracking and More Checkmarx Confirms GitHub Repository Data Posted on Dark Web After March 23 Attack Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202 Chinese Silk Typhoon Hacker Extradited to U.S. Over COVID Research Cyberattacks Microsoft Patches Entra ID Role Flaw That Enabled Service Principal Takeover Researchers Discover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Push Critical cPanel Authentication Vulnerability Identified — Update Your Server Immediately ⭐ Featured Resources [Webinar] Stop Chasing Alerts and Start Focusing on Real Exposures [Guide] How to Enable Secure Data Movement Without Added Risk Learn How Hidden Identity Blind Spots Weaken Your Security Systems [Guide] Learn a Practical Framework to Evaluate AI Tools for Production

Indicators of Compromise

• cve — CVE-2026-4670
• cve — CVE-2026-5174

Entities