Progress Warns of Critical MOVEit Automation Auth Bypass Flaw
Progress Software has patched critical authentication bypass and privilege escalation vulnerabilities in MOVEit Automation, urging users to upgrade immediately.
Progress Software has released security updates to address two vulnerabilities in MOVEit Automation, including a critical flaw that could allow an attacker to bypass authentication [The Hacker News]. MOVEit Automation is a widely used managed file transfer (MFT) solution for scheduling and automating file workflows.
The critical vulnerability poses a significant risk, as successful exploitation could allow unauthorized actors to gain control over the MFT environment without needing valid credentials. This follows previous warnings regarding similar security flaws in the platform.
Users are strongly urged to apply the latest patches provided by Progress Software immediately to mitigate the risk of exploitation. Organizations should review their MOVEit Automation deployments and ensure that all security updates are applied to protect against potential unauthorized access.