Progress Patches Critical MOVEit Automation Bug Enabling Authentication Bypass

Progress Software has patched a critical authentication bypass vulnerability in MOVEit Automation, its enterprise managed file transfer (MFT) platform used by organizations to automate secure file movement workflows.

The flaw allows attackers to bypass authentication mechanisms entirely, granting unauthorized access to the system without valid credentials. This represents a severe risk for enterprise environments relying on MOVEit Automation to handle sensitive data transfers across departments and external partners.

MOVEit Automation serves as a centralized, server-based solution that eliminates the need for custom scripts when scheduling and automating file movement workflows. Organizations across financial services, healthcare, manufacturing, and government sectors depend on this platform to transfer confidential documents, financial records, and proprietary data securely.

An attacker exploiting this authentication bypass could intercept, modify, or exfiltrate files in transit without detection. They could also inject malicious payloads into workflows, compromise downstream systems that consume transferred files, or establish persistent access to the MFT infrastructure itself. The scope of exposure depends on the volume and sensitivity of data flowing through each organization's MOVEit deployment.

Progress Software has released patches addressing both this critical flaw and an additional security issue affecting MOVEit Automation. The company has not disclosed the specific CVE identifiers or technical details of the bypass mechanism in initial advisories, likely to prevent rapid exploitation during the patch rollout period.

Organizations running MOVEit Automation should prioritize applying these updates immediately. Administrators should review access logs for suspicious authentication attempts or unauthorized file transfers that may indicate prior exploitation. Networks with MOVEit instances accessible from the internet face the highest risk and should consider implementing network segmentation or restricting access to known trusted IP ranges pending patch deployment.

The vulnerability underscores the ongoing security challenges facing enterprise integration platforms that handle business-critical data flows. Delayed patching of such systems