Progress Software has issued urgent security patches to address a critical vulnerability identified as CVE-2025-10932 in MOVEit Transfer, an enterprise file transfer solution. The vulnerability, which falls under the category of uncontrolled resource consumption, has a CVSS score of 8.2, indicating its high severity. Affected versions include several from 2025, 2024, and 2023, placing many organizations at risk of potential service disruption due to resource exhaustion.
To mitigate this exposure, Progress has introduced hotfixes that require IP address whitelisting specifically for the AS2 module, preventing unauthorized access. Organizations that utilize the AS2 functionality are urged to implement these fixes rapidly; those not using it can temporarily remove susceptible endpoints without server downtime. For added protection, administrators must ensure that they configure whitelisting rules appropriately post-update to maintain secure operations. Given the high potential business impact tied to this vulnerability, swift action is essential for enterprises to safeguard their file transfer infrastructures and prevent denial-of-service outcomes.
👉 Pročitaj original: Cyber Security News
