Uncontrolled Resource Consumption in MOVEit Transfer by Progress
CVE-2025-10932
What is CVE-2025-10932?
CVE-2025-10932 is a vulnerability identified in Progress MOVEit Transfer, particularly affecting its AS2 module. MOVEit Transfer is designed for secure file transfer and management, enabling organizations to efficiently and safely exchange sensitive information. This uncontrolled resource consumption vulnerability could lead to significant operational disruptions. Specifically, it may allow an attacker to overwhelm the system by exhausting its resources, potentially resulting in a denial of service condition. Organizations relying on MOVEit for critical file transfers must take this vulnerability seriously, as it could severely hinder their ability to conduct business securely and efficiently.
Potential Impact of CVE-2025-10932
-
Denial of Service: The uncontrolled resource consumption could lead to service downtime, disrupting file transfer operations. This could affect an organization's ability to communicate effectively with clients and partners.
-
Operational Efficiency: By consuming excessive resources, this vulnerability can degrade system performance, causing delays and impacting overall productivity within an organization.
-
Potential Secondary Attacks: If an attacker successfully exploits this vulnerability to destabilize the system, it may open the door for further attacks, potentially allowing unauthorized access or data breaches.
Affected Version(s)
MOVEit Transfer 2025.0.0 < 2025.0.3
MOVEit Transfer 2024.1.0 < 2024.1.7
MOVEit Transfer 2023.1.0 < 2023.1.16