Progress Patches Critical MOVEit Automation Bug Enabling Authentication Bypass
Summary
Progress Software has released updates for its MOVEit Automation product to fix two security vulnerabilities. One of the patched flaws is a critical bug that could allow attackers to bypass authentication.
IFF Assessment
The authentication bypass vulnerability allows attackers to gain unauthorized access to sensitive systems.
Severity
The critical rating is estimated due to the authentication bypass capability, which typically allows for high impact and easy exploitation if the attack vector is network-based and privileges are not required.
Defender Context
Organizations using MOVEit Automation must prioritize applying the released patches to mitigate the risk of unauthorized access. Authentication bypass vulnerabilities are particularly dangerous as they can grant attackers privileged access without needing to compromise credentials.