Platform: moveit-transfer
Component: moveit-transfer
Fixed in: 2023.1.12, 2024.0.8, 2024.1.2
CVE-2025-2324 identifies an Improper Privilege Management vulnerability within Progress MOVEit Transfer. This flaw allows users configured as Shared Accounts to escalate their privileges, potentially granting them unauthorized access to sensitive data and system resources. The vulnerability impacts MOVEit Transfer versions ranging from 2023.1.0 through 2024.1.2. A fix is available in version 2024.1.2.
The core impact of CVE-2025-2324 lies in the potential for privilege escalation. An attacker exploiting this vulnerability could leverage a Shared Account to gain elevated permissions within the MOVEit Transfer environment. This could allow them to access files, modify configurations, or even execute commands with administrative privileges. The blast radius extends to any data stored and processed by MOVEit Transfer, including sensitive business information, customer data, and intellectual property. Successful exploitation could lead to data breaches, system compromise, and disruption of business operations. While the CVSS score is MEDIUM, the potential for significant data exposure warrants immediate attention.
CVE-2025-2324 was publicly disclosed on March 19, 2025. As of this date, there are no publicly available proof-of-concept exploits. The vulnerability is not currently listed on the CISA KEV catalog. Given the nature of privilege escalation vulnerabilities and the widespread use of MOVEit Transfer, it is prudent to assume that exploitation attempts may occur in the future. Organizations should prioritize patching to minimize their exposure.
Exploit Status
EPSS: 0.06% (19th percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2025-2324 is to upgrade MOVEit Transfer to version 2024.1.2 or later. If an immediate upgrade is not feasible due to compatibility concerns or system downtime requirements, consider temporarily restricting access to Shared Accounts or implementing stricter access controls to limit the potential impact of exploitation. Review existing user permissions and ensure that Shared Accounts are only granted the minimum necessary privileges. Monitor MOVEit Transfer logs for any suspicious activity related to Shared Account access. After upgrading, verify the fix by attempting to escalate privileges using a Shared Account and confirming that the attempt is denied.
Update MOVEit Transfer to version 2023.1.12, 2024.0.8, or 2024.1.2, or a later version, as appropriate. This will resolve the privilege escalation vulnerability. See the vendor security advisory for more details and specific instructions.
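An added helper, not from this advisory or from Progress, that turns the per-branch "Fixed in" list above into an affected/fixed verdict for an installed version string; it assumes versions are written as year.minor.patch and treats any branch the advisory does not name as unknown rather than safe.

```python
from typing import Optional, Tuple

# Fixed-in versions from the advisory, keyed by release branch (year, minor).
# Constructed from the page's "Fixed in" list; branches not listed are unknown.
FIXED_IN = {
    (2023, 1): (2023, 1, 12),
    (2024, 0): (2024, 0, 8),
    (2024, 1): (2024, 1, 2),
}
FIRST_AFFECTED = (2023, 1, 0)   # page: affected from 2023.1.0
LATEST_FIXED = (2024, 1, 2)     # page: "2024.1.2 or later" remediates

def parse_version(text: str) -> Tuple[int, int, int]:
    """Parse 'year.minor.patch' into a comparable tuple; patch defaults to 0 (assumed format)."""
    parts = text.strip().split(".")
    if len(parts) not in (2, 3) or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised MOVEit Transfer version: {text!r}")
    nums = [int(p) for p in parts] + [0] * (3 - len(parts))
    return nums[0], nums[1], nums[2]

def assess(version_text: str) -> str:
    """Return 'affected', 'fixed', 'not_affected' or 'unknown' for CVE-2025-2324."""
    v = parse_version(version_text)
    fixed = FIXED_IN.get((v[0], v[1]))
    if fixed is not None:                 # branch has an in-branch fix listed
        return "fixed" if v >= fixed else "affected"
    if v < FIRST_AFFECTED:                # older than the first affected release
        return "not_affected"
    if v > LATEST_FIXED:                  # newer branch than 2024.1
        return "fixed"
    return "unknown"                      # inside the range but not in the list: check vendor

def remediation(version_text: str) -> Optional[str]:
    """Suggest the in-branch fixed version for an affected install, else None."""
    if assess(version_text) != "affected":
        return None
    v = parse_version(version_text)
    return ".".join(str(n) for n in FIXED_IN[(v[0], v[1])])

if __name__ == "__main__":
    # Constructed sample inventory, one version per line as an admin might export it.
    for sample in ["2023.0.5", "2023.1.3", "2023.1.12", "2024.0.7", "2024.1.1", "2024.1.2"]:
        print(f"{sample:10} {assess(sample):13} upgrade_to={remediation(sample)}")
```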
CVE-2025-2324 is a MEDIUM severity vulnerability in Progress MOVEit Transfer allowing Shared Accounts to escalate privileges, potentially granting unauthorized access. It affects versions 2023.1.0–2024.1.2.
You are affected if you are using MOVEit Transfer versions 2023.1.0 through 2024.1.2 and have users configured as Shared Accounts.
Upgrade MOVEit Transfer to version 2024.1.2 or later to remediate the vulnerability. Consider restricting Shared Account access as a temporary workaround.
As of March 2025, there are no confirmed reports of active exploitation, but it’s prudent to patch promptly.
Refer to the Progress MOVEit Transfer security advisory for detailed information and updates: [https://www.progress.com/moveit-transfer/security-advisories](https://www.progress.com/moveit-transfer/security-advisories)