CVE-2024-5806

High PUBLISHED

MOVEit Transfer Authentication Bypass Vulnerability

Progress · MOVEit Transfer

Not yet in CISA KEV

Exploited in the wild PoC available

Recommended Action

Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.

Confidence
High
Exploitation Status
Exploited in the wild
Observed in Sensors
No
Attempts (30d)
Unique Attacker IPs
CISA KEV
Not yet in CISA KEV
CVSS / EPSS
9.1 Critical

At a Glance

Improper Authentication vulnerability in Progress MOVEit Transfer (SFTP module) can lead to Authentication Bypass.This issue affects MOVEit Transfer: from 2023.0.0 before 2023.0.11, from 2023.1.0 before 2023.1.6, from 2024.0.0 before 2024.0.2.

CVE Published
Jun 25, 2024
Exploitation Reported
Jun 25, 2024
CVSS
9.1 Critical
EPSS
Remote Low complexity No user interaction Unauthenticated

Affected Versions

Vendor Product Version Status
progress
moveit_transfer

2023.0.0 to < 2023.0.11

Affected
progress
moveit_transfer

2023.1.0 to < 2023.1.6

Affected
progress
moveit_transfer

2024.0.0 to < 2024.0.2

Affected
Progress
MOVEit Transfer

2023.0.0 to < 2023.0.11

Affected
Progress
MOVEit Transfer

2023.1.0 to < 2023.1.6

Affected
Progress
MOVEit Transfer

2024.0.0 to < 2024.0.2

Affected

CVE References

Recommended Actions

  • Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.
  • Check enrichment artifacts for scanner coverage and available PoCs before rolling remediation validation.
  • Use the Pro API to automate enrichment, telemetry, and workflow delivery for VM, SOC, and CTI pipelines.