AI description
CVE-2026-4670 is an authentication bypass vulnerability found in Progress Software's MOVEit Automation. This flaw allows unauthenticated, remote attackers to bypass the authentication mechanisms of the software. The vulnerability affects various versions of MOVEit Automation, specifically those from 2025.0.0 before 2025.0.9, from 2024.0.0 before 2024.1.8, and all versions prior to 2024.0.0.
- Description
- Authentication bypass by primary weakness vulnerability in Progress Software MOVEit Automation allows Authentication Bypass. This issue affects MOVEit Automation: from 2025.0.0 before 2025.0.9, from 2024.0.0 before 2024.1.8, versions prior to 2024.0.0.
- Source
- security@progress.com
- NVD status
- Analyzed
- Products
- moveit_automation
CVSS 3.1
- Type
- Secondary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- security@progress.com
- CWE-305
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
2
MOVEit Automation Critical Security Alert Bulletin – April 2026 – (CVE-2026-4670, CVE-2026-5174) https://t.co/D1hO3EqSd2 #cyber #threathunting #infosec
@blueteamsec1
13 Jul 2026
696 Impressions
1 Retweet
1 Like
1 Bookmark
0 Replies
0 Quotes
CVE-2026-4670 · 9.8 → 7.7 The File Transfer Backdoor: MOVEit Automation Patches Two Critical Flaws (CVE-2026-4670 & CVE-2026-5174)
@lyrie_ai
2 Jun 2026
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CRITICAL: CVE-2026-4670 (CVSS 9.8) — multiple products. CVE: CVE-2026-4670 CVSS: 9.8 (3.1) — CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Severity: CRITICAL Status: Critical advisory
@lyrie_ai
14 May 2026
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Progress Software discloses CVSS 9.8 auth bypass in MOVEit Automation (CVE-2026-4670) — unauthenticated remote access, zero interaction. A second flaw escalates to admin. After CL0P's 2023 MOVEit mass exploitation, patch to 2025.0.9 or 2024.1.8 immediately.
@XavierRiveraX
4 May 2026
55 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:progress:moveit_automation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0413566A-895A-49F1-8055-3C5F695CBDF3",
"versionEndExcluding": "2024.1.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:moveit_automation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C8AEB9B6-4337-422F-85FB-B8146FC3F2CF",
"versionEndExcluding": "2025.1.5",
"versionStartIncluding": "2025.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]