Progress Software has issued security updates for its MOVEit Automation platform, addressing two software vulnerabilities, including a high-severity flaw that could allow attackers to bypass authentication controls.
MOVEit Automation, previously known as Central, is a managed file transfer solution widely used by enterprises to automate and schedule secure data exchanges without the need for custom scripting.
The most severe of the issues, tracked as CVE-2026-4670, could enable authentication bypass, potentially allowing unauthorized users to gain access to protected systems. The second flaw (CVE-2026-5174) stems from improper input validation and could be exploited for privilege escalation.
The vulnerabilities impact releases up to 2025.1.4, 2025.0.8, and 2024.1.7. Progress Software has released patched versions (2025.1.5, 2025.0.9, and 2024.1.8, respectively).
A Shodan search shows that more than 1,400 MOVEit Automation instances are accessible over the internet, with several linked to US state and local government agencies. Although there is currently no evidence that the above-mentioned vulnerabilities are being actively exploited, flaws in MOVEit products are known to have been abused by cybercriminals in the past, including the Cl0p ransomware gang.