What is CVE-2025-11235?

CVE-2025-11235 is a low-severity vulnerability in Progress Moveit Transfer, classified under CWE-620. CVSS score: 3.7/10. Published 2026-01-06.

How severe is CVE-2025-11235?

Low severity. CVSS v3 base score is 3.7 out of 10.

Vulnerability in Progress Moveit Transfer

CVE-2025-11235

Unverified Password Change vulnerability in Progress MOVEit Transfer on Windows (REST API modules).This issue affects MOVEit Transfer: from 2023.1.0 before 2023.1.3, from 2023.0.0 before 2023.0.8, from 2022.1.0 before 2022.1.11, from 2022…

EPSS: 0.000 (7.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 3.7 (Low). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L.

Affected products

Progress Moveit Transfer — versions 2023.1.0, 2023.0.0, 2022.1.0

Weakness classification (CWE)

CWE-620

References

docs.progress.com/bundle/moveit-transfer-release-notes-2023_1/page/Fixed-Issues…

Frequently asked questions

What is CVE-2025-11235?: CVE-2025-11235 is a low-severity vulnerability in Progress Moveit Transfer, classified under CWE-620. CVSS score: 3.7/10. Published 2026-01-06.
How severe is CVE-2025-11235?: Low severity. CVSS v3 base score is 3.7 out of 10.