Security update: Unauthorized access to MOVEit Automation possible
A critical vulnerability is among those endangering the file transfer software MOVEit Automation.
Attackers can exploit two security vulnerabilities in MOVEit Automation. If attacks are successful, they can access instances. Secured versions are available for download.
The file transfer software MOVEit Automation is used to create workflows for automating recurring manual file transfers.
Install Security Update
According to an alert from software manufacturer Progress, MOVEit Automation versions up to and including 2025.1.4, 2025.0.8, and 2024.1.7 are affected. The developers state that the issues are fixed in versions 2025.1.5, 2025.0.9, and 2024.1.8. Downloads are linked in the alert. Admins can check their currently installed version in the Help/About menu.
So far, Progress has not reported any active exploitation of the vulnerabilities by attackers. However, this can change quickly, so administrators should not delay patching.
Background
According to the developers, the security issues are located in the command-port interfaces of the service backend. One vulnerability (CVE-2026-4670) is classified as “critical.” If attackers successfully exploit this vulnerability, they can bypass authentication and gain access to systems. The exact details of such an attack and its potential damage are currently unclear.
Through the second security vulnerability (CVE-2026-5174, “high”), attackers can gain higher user privileges. Here too, there are currently no further details on how attacks are carried out. It is also unclear how administrators can identify systems that have already been attacked.
(des)