CVE-2026-5174

Summary

Improper input validation vulnerability in Progress Software MOVEit Automation allows Privilege Escalation.

This issue affects MOVEit Automation: from 2025.1.0 before 2025.1.5, from 2025.0.0 before 2025.0.9, from 2024.0.0 before 2024.1.8, versions prior to 2024.0.0.

Affected Software

VendorProductVersion RangeStatus
Progress SoftwareMOVEit Automation2025.1.0 < 2025.1.5affected
Progress SoftwareMOVEit Automation2025.0.0 < 2025.0.9affected
Progress SoftwareMOVEit Automation2024.0.0 < 2024.1.8affected
Progress SoftwareMOVEit Automation0 < 2024.0.0affected

Weaknesses

  • CWE-20: CWE-20 Improper input validation

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References