Progress warns of critical MOVEit Automation auth bypass flaw
Progress says the flaws could allow unauthorized access and administrative control, and more than 1,400 internet-connected instances are exposed, researchers said.
9 Articles
9 Articles
Progress Software has patched a critical failure in MOVEit Automation that allows for non-interactional authentication jump and opens the door to massive theft of business data. The vulnerability, registered as CVE-2026-4670, was discovered by Airbus SecLab and can be exploited through the backend service command port. I see it as the reissue of a nightmare that we already lived in 2023 with the Clop ransomware. The same family of file transfer …
Among other things, a critical vulnerability threatens the file transfer software MOVEit Automation.
IT Security News - cybersecurity, infosecurity news
cybernoz.comProgress Patches Critical MOVEit Automation Bug Enabling Authentication Bypass
Progress Software has released updates to address two security flaws in MOVEit Automation, including a critical bug that could result in an authentication bypass. MOVEit Automation (formerly Central) is a secure, server-based managed file transfer (MFT) solution used to schedule and automate file movement workflows in enterprise environments without requiring any custom scripts. The This article has been indexed from The Hacker News Read the …
A new critical vulnerability in MOVEit Automation is lighting up the maximum alert in the cybersecurity community. Identified as CVE-2026-4670, failure allows authentication bypasses, i.e. invaders can access systems without valid credentials. For organizations that depend on the secure data transfer platform, risk is immediate and high, especially considering the recent history of attacks directed at Progress solutions. Discovery reinforces a w…
Coverage Details
Bias Distribution
- 100% of the sources are Center
Factuality
To view factuality data please Upgrade to Premium
