Patching Critical MOVEit Vulnerabilities to Prevent Hacker Bypass
Critical MOVEit Flaws Expose Enterprises to Unauthorized Access and Administrative Control
Researchers have identified two severe vulnerabilities in the MOVEit Automation platform that could allow attackers to bypass authentication and gain elevated access to enterprise systems.
Vulnerability Details
- CVE-2026-4670: This vulnerability holds a CVSS severity score of 9.8, indicating a critical level of risk. It allows unauthenticated attackers to bypass authentication mechanisms and gain unauthorized access to affected systems.
- CVE-2026-5174: This vulnerability carries a lower severity score of 7.7 but still poses a significant risk due to improper input validation that may enable privilege escalation.
“According to Progress Software, these vulnerabilities affect the backend command port interface of MOVEit Automation, making it essential for organizations using the platform to apply patches immediately. Failure to do so may expose them to unauthorized access, administrative control, and possible exposure of sensitive enterprise data.”
Airbus SecLab researchers Anaïs Gantet, Delphine Gourdou, Quentin Liddell, and Matteo Ricordeau discovered and reported the vulnerabilities, highlighting the importance of prompt action by affected organizations. MOVEit Automation is widely deployed across various industries, including finance, healthcare, and government sectors, making it a high-value target for cybercriminals.
In the past, MOVEit products have been targeted in large-scale cyberattacks, such as the 2023 MOVEit Transfer mass exploitation campaign linked to the Cl0p ransomware group. That incident resulted in widespread data theft and highlights the need for organizations to prioritize updates and patch newly disclosed vulnerabilities quickly.
Mitigation Steps
- Perform a full installer upgrade to remediate the issues.
- Monitor audit logs for signs of suspicious privilege escalation or unauthorized access attempts that may indicate exploitation activity.
