Progress quietly fixes MOVEit auth bypass flaws (CVE-2024-5805, CVE-2024-5806)
2024-06-25 18:08

Progress Software has patched one critical and one high-risk vulnerability in MOVEit, its widely used managed file transfer software product.

CVE-2024-5805 is an improper authentication vulnerability in MOVEit Gateway, which serves as a proxy so that MOVEit Transfer - the actual managed file transfer software - can receive inbound connections when deployed behind a firewall.

The same warning has been given to those who will upgrade their MOVEit Transfer installations to fix CVE-2024-5806, a less critical improper authentication flaw affecting the solution's SFTP module.

While CVE-2024-5805 did not affect MOVEit Cloud, CVE-2024-5806 affected customers using the MOVEit Cloud environment but has since been patched, the company noted.

WatchTowr Labs researchers have been privately alerted to the existence of a flaw in Progress MOVEit Transfer that could lead to an authentication bypass, as well as the fact that Progress has been sending emails to customers urging them to patch and is supposed to reveal its existence on Tuesday, June 25, 2024.

MOVEit installations were infamously exploited en masse last year by the Cl0p ransomware gang via a zero-day vulnerability, but WatchTowr researchers say that since Progress has been contacting customers for weeks/months to patch this issue, they do not expect anyone to still be vulnerable due to the embargo.


News URL

https://www.helpnetsecurity.com/2024/06/25/cve-2024-5805-cve-2024-5806/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Progress 28 3 43 24 10 80