VMTech
+381 11 4150 20024/7 Discuss a project
← All Instagram insights VMTECH · INSTAGRAM

Progress Releases Patch for MOVEit Automation — Authentication Bypass Fixed

Progress выпустил патч для MOVEit Automation — исправлен обход аутентификации

Colleagues, a cybersecurity notice: Progress has released updates for MOVEit Automation addressing a critical authentication bypass vulnerability.

Key points:
- CVE‑2026‑4670 (CVSS 9.8, authentication bypass) and CVE‑2026‑5174 (CVSS 7.7, improper validation, privilege escalation). Reported by Airbus SecLab.
- Affected versions: ≤2025.1.4 / ≤2025.0.8 / ≤2024.1.7 — fixes available in 2025.1.5 / 2025.0.9 / 2024.1.8.
- No public working exploits known — update as soon as possible. Progress does not report active exploitation, but MOVEit vulnerabilities have been used by ransomware in the past.

Why it matters: these flaws may allow unauthorized access, administrative control and data exfiltration.
Have you updated MOVEit?
#cybersecurity #dataprotection #patching #vulnerabilities

Latest comments

No comments yet.