Progress MOVEit Transfer
Easy fix5 remedies
cpe:2.3:a:progress:moveit_transfer:*:*:*:*:*:*:*
Easy fix5 remedies
- >= 2023.1.0, < 2023.1.12
- >= 2024.0.0, < 2024.0.8
- >= 2024.1.0, < 2024.1.2
Progress MOVEit Transfer Improper Privilege Management Vulnerability Allowing Privilege Escalation
Vulnerability
Patched
A vulnerability in Progress MOVEit Transfer's SFTP module allows users with Shared Accounts to improperly escalate privileges. This issue grants unintended List permissions on folders, affecting versions 2023.1.0 prior to 2023.1.12, 2024.0.0 prior to 2024.0.8, and 2024.1.0 prior to 2024.1.2.
Impact
Exploitation of this vulnerability could lead to unauthorized privilege escalation, allowing users to gain additional permissions they should not have.
Remediation
Users can upgrade to MOVEit Transfer 2024.1.2, 2024.0.8, or 2023.1.12. Instructions for downloading the update are available on the Progress Community Download Center.
Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM
Vulnerability Rating
Custom Algorithm
spread
5.2impact
0.6exploitability
5.4remediation
8.3relevance
0.0threat
0.0urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.