HIGHCVE-2026-5174Published Modified CNA ProgressSoftware
CVE-2026-5174: Improper Access Control Vulnerability in Progress MOVEit Automation
Improper input validation vulnerability in Progress Software MOVEit Automation allows Privilege Escalation. This issue affects MOVEit Automation: from 2025.1.0 before 2025.1.5, from 2025.0.0 before 2025.0.9, from 2024.0.0 before 2024.1.8, versions prior to 2024.0.0.
Metrics
- CVSS v3.1
- 7.7
- Severity
- HIGH
- Fixed in
- 2024.0.0
- Affected Products
- 1
Fix available
2024.0.02024.1.82025.0.92025.1.5
Affected packages
- Progress Software / MOVEit Automation< 2025.1.5 (from 2025.1.0) · < 2025.0.9 (from 2025.0.0) · < 2024.1.8 (from 2024.0.0) · < 2024.0.0 (from 0)
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:HReferences