CRITICALCVE-2026-4670Published Modified CNA ProgressSoftware
CVE-2026-4670: Improper Authentication vulnerability in Progress MOVEit Automation
Authentication bypass by primary weakness vulnerability in Progress Software MOVEit Automation allows Authentication Bypass. This issue affects MOVEit Automation: from 2025.0.0 before 2025.0.9, from 2024.0.0 before 2024.1.8, versions prior to 2024.0.0.
Metrics
- CVSS v3.1
- 9.8
- Severity
- CRITICAL
- Fixed in
- 2024.0.0
- Affected Products
- 1
Fix available
2024.0.02024.1.82025.0.9
Affected packages
- Progress Software / MOVEit Automation< 2025.0.9 (from 2025.0.0) · < 2024.1.8 (from 2024.0.0) · < 2024.0.0 (from 0)
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HReferences