Urgent Action Required by MOVEit Automation Users
Progress Software has issued a warning to customers about a critical authentication bypass vulnerability within the MOVEit Automation application. MOVEit Automation is a managed file transfer (MFT) solution that serves as a central orchestrator for scheduling and managing file transfers between different systems, including on-premises servers, cloud storage, and third-party partners.
Remotely exploitable vulnerabilities in Internet-facing MFT applications are targeted by threat actors. Certain threat groups such as Cl0p have actively targeted enterprise-grade MFTs, mass exploiting the vulnerabilities in attacks on dozens and, in some cases, thousands of users.
The critical authentication bypass vulnerability, tracked as CVE-2026-4670, has a CVSS v3.1 base score of 9.8 out of 10 and can be exploited by a remote attacker with no privileges in a low-complexity attack. The vulnerability affects MOVEit Automation versions prior to 2025.1.5, 2025.0.9, and 2024.1.8.
A second, high-severity privilege escalation vulnerability has also been identified. The flaw, tracked as CVE-2026-5174, is due to improper input validation, has a CVSS v3.1 base score of 8.8, and affects MOVEit Automation versions from 2025.1.0 before 2025.1.5, from 2025.0.0 before 2025.0.9, from 2024.0.0 before 2024.1.8, and versions prior to 2024.0.0. The flaw can be exploited in a low-complexity attack without privileges or user interaction.
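For administrators triaging an estate of MOVEit Automation installs, the version ranges above reduce to three fixed releases (2025.1.5, 2025.0.9, 2024.1.8) plus everything older than 2024.1.8. The following Python script, an added example rather than anything published by Progress Software or The HIPAA Journal, encodes those ranges and classifies an inventory; the hostnames and installed versions in it are constructed sample data.

```python
"""Triage MOVEit Automation version strings against the affected ranges stated
in the advisory: fixed releases are 2025.1.5, 2025.0.9 and 2024.1.8, and every
release before 2024.0.0 is also affected.  The inventory is constructed data."""
from __future__ import annotations

# Fixed release per supported branch, as stated in the advisory.
FIXED_BY_BRANCH = {
    (2025, 1): (2025, 1, 5),
    (2025, 0): (2025, 0, 9),
    (2024, 1): (2024, 1, 8),
}
# Oldest fixed release overall: every version below it is in an affected range
# (covers 2024.0.x, 2024.1.0 to 2024.1.7, and all pre-2024.0.0 releases).
OLDEST_FIX = (2024, 1, 8)

def parse_version(text: str) -> tuple[int, int, int]:
    """Parse 'YYYY.minor.patch'; missing trailing components default to 0."""
    parts = text.strip().split(".")
    if not 1 <= len(parts) <= 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {text!r}")
    nums = [int(p) for p in parts] + [0] * (3 - len(parts))
    return nums[0], nums[1], nums[2]

def assess(text: str) -> str:
    """Return 'vulnerable', 'patched' or 'not_in_advisory' for one version."""
    v = parse_version(text)
    if v < OLDEST_FIX:
        return "vulnerable"
    fixed = FIXED_BY_BRANCH.get(v[:2])
    if fixed is None:
        # A branch the advisory does not list (e.g. a newer major release).
        return "not_in_advisory"
    return "vulnerable" if v < fixed else "patched"

def triage(inventory: dict[str, str]) -> dict[str, str]:
    """Map host -> status for an inventory of host -> installed version."""
    return {host: assess(ver) for host, ver in inventory.items()}

# Constructed sample inventory (hostnames and versions are made up).
SAMPLE_INVENTORY = {
    "mft-prod-01": "2025.1.4",
    "mft-prod-02": "2025.1.5",
    "mft-dr-01": "2025.0.9",
    "mft-legacy-01": "2024.1.7",
    "mft-legacy-02": "2023.0.3",
}

if __name__ == "__main__":
    for host, status in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{host:15} {SAMPLE_INVENTORY[host]:10} {status}")
```

Hosts reported as "vulnerable" need the full-installer upgrade the advisory describes; "not_in_advisory" flags a version the published ranges do not cover and should be checked against the vendor's current guidance.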
Exploitation of these vulnerabilities could give an attacker unauthorized access to the application, administrative control, and the ability to exfiltrate sensitive data. Progress Software has fixed both vulnerabilities in the latest version of the software, and users are advised to install the latest version as soon as possible to prevent exploitation. Progress Software said the only way to remediate the vulnerabilities is to upgrade to a patched release using the full installer, which requires the software to be shut down to complete the upgrade.
There are around 1,440 internet-connected devices running vulnerable MOVEit Automation versions, according to a Shodan search, some of which are used by state and local government agencies. Given the extent to which vulnerabilities in MFT solutions are targeted, exploitation is highly likely, although at the time of the announcement, Progress Software had not identified any exploitation in the wild.
The post Urgent Action Required by MOVEit Automation Users appeared first on The HIPAA Journal.