A MOVEit Transfer authentication bypass vulnerability disclosed Tuesday is now being targeted by threat actors, and customers are urged to apply patches on an emergency basis. The flaw tracked as CVE-2024-5806 was given a CVSS critical score of 9.1 by MOVEit Transfer provider Progress Software Corporation, which began distributing a patch on June 11 prior to the June 25 public disclosure.

Source: SC Magazine