Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
MOVEit Transfer Improper Privilege Management Vulnerability - CVE-2025-2324 - Vulnerability Database
MOVEit Transfer

MOVEit Transfer Improper Privilege Management Vulnerability - CVE-2025-2324

High
Reference: CVE-2025-2324
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2025-2324
Title: MOVEit Transfer Improper Privilege Management Vulnerability
Overview:

Improper Privilege Management vulnerability for users configured as Shared Accounts in Progress MOVEit Transfer (SFTP module) allows Privilege Escalation.This issue affects MOVEit Transfer: from 2023.1.0 before 2023.1.12 from 2024.0.0 before 2024.0.8 from 2024.1.0 before 2024.1.2.