{"id":241591,"date":"2026-05-04T08:18:00","date_gmt":"2026-05-04T12:18:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/05\/04\/progress-warns-of-critical-moveit-automation-auth-bypass-flaw\/"},"modified":"2026-05-08T08:00:10","modified_gmt":"2026-05-08T12:00:10","slug":"progress-warns-of-critical-moveit-automation-auth-bypass-flaw","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/05\/04\/progress-warns-of-critical-moveit-automation-auth-bypass-flaw\/","title":{"rendered":"Progress warns of critical MOVEit Automation auth bypass flaw"},"content":{"rendered":"<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/moveit-automation-customers-warned-to-patch-critical-auth-bypass-flaw\/\">Progress warns of critical MOVEit Automation auth bypass flaw<\/a><\/p>\n<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/moveit-automation-customers-warned-to-patch-critical-auth-bypass-flaw\/\">https:\/\/www.bleepingcomputer.com\/news\/security\/moveit-automation-customers-warned-to-patch-critical-auth-bypass-flaw\/<\/a><\/p>\n<p>Publish Date: 2026-05-04 08:18:00<\/p>\n<p>Source Domain: <a href=\"www.bleepingcomputer.com\">www.bleepingcomputer.com<\/a><\/p>\n<p>Progress Software warned customers to patch a critical authentication bypass vulnerability in its MOVEit Automation enterprise-grade managed file transfer (MFT) application.<\/p>\n<p>MOVEit Automation automates complex data workflows without requiring manual scripting and serves as a central automation orchestrator to schedule and manage file transfers between different systems, including local servers, cloud storage, and external partners.<\/p>\n<p>Tracked as CVE-2026-4670, the security flaw affects MOVEit Automation versions before 2025.1.5, 2025.0.9, and 2024.1.8. 
Remote threat actors can exploit it without privileges on the targeted systems in low-complexity attacks that don&#8217;t require user interaction.<\/p>\n<p>&#8220;We have addressed the vulnerability and the Progress MOVEit Automation team strongly recommends performing an upgrade to the latest version,&#8221; the company says in a Thursday advisory.\u00a0&#8220;Upgrading to a patched release, using the full installer, is the only way to remediate this issue. There will be an outage to the system while the upgrade is running.&#8221;<\/p>\n<p>The same day, Progress also released security updates to address a high-severity privilege escalation vulnerability (CVE-2026-5174) stemming from an improper input validation weakness in the same software.<\/p>\n<p>According to a Shodan search shared by PwnDefend cybersecurity consultant Daniel Card, over 1,400 MOVEit Automation instances are exposed online, and over a dozen are linked to U.S. local and state government agencies.<\/p>\n<p>However, there is no information regarding how many of these systems have already been secured against CVE-2026-4670 attacks.<\/p>\n<p><img decoding=\"async\" alt=\"MOVEit Automation instances exposed online\" height=\"329\" src=\"https:\/\/www.bleepstatic.com\/images\/news\/u\/1109292\/2026\/MOVEit%20Automation%20instances%20exposed%20online.png\" width=\"700\"\/>Map of MOVEit Automation instances exposed online (Shodan)<\/p>\n<p>While the company has yet to flag these security issues as exploited in the wild, other MOVEit MFT vulnerabilities have been targeted in attacks in recent years.<\/p>\n<p>For instance, the Clop ransomware gang exploited a zero-day in the MOVEit Transfer secure file transfer platform in an extensive series of data theft&#8230;<\/p>\n<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/moveit-automation-customers-warned-to-patch-critical-auth-bypass-flaw\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Progress warns of critical MOVEit 
Automation auth bypass flaw https:\/\/www.bleepingcomputer.com\/news\/security\/moveit-automation-customers-warned-to-patch-critical-auth-bypass-flaw\/ Publish Date: 2026-05-04 08:18:00 Source&#8230;<\/p>\n","protected":false},"author":1,"featured_media":241592,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.bleepstatic.com\/content\/hl-images\/2023\/06\/16\/MOVEit.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[24,31,27],"class_list":["post-241591","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity","tag-exploit","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/241591"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=241591"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/241591\/revisions"}],"predecessor-version":[{"id":241593,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/241591\/revisions\/241593"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/241592"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=241591"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=241591"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=241591"}],"curies":[{"name":"
wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}