CVE-2026-4670

Summary

Authentication bypass by primary weakness vulnerability in Progress Software MOVEit Automation allows Authentication Bypass.

This issue affects MOVEit Automation: from 2025.0.0 before 2025.0.9, from 2024.0.0 before 2024.1.8, versions prior to 2024.0.0.

Affected Software

VendorProductVersion RangeStatus
Progress SoftwareMOVEit Automation2025.0.0 < 2025.0.9affected
Progress SoftwareMOVEit Automation2024.0.0 < 2024.1.8affected
Progress SoftwareMOVEit Automation0 < 2024.0.0affected

Weaknesses

  • CWE-305: CWE-305 Authentication bypass by primary weakness

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References