Check Point Advisories

Progress Multiple Products Remote Code Execution (CVE-2025-13444)

Check Point Reference: CPAI-2025-12225
Date Published: 19 Feb 2026
Severity: Medium
Last Updated: Thursday 19 February, 2026
Source:
Industry Reference:CVE-2025-13444
Protection Provided by:

Security Gateway
R81, R80, R77, R75
Who is Vulnerable? Progress Connection Manager for ObjectScale prior to 7.2.62.2
Progress ECS Connection Manager prior to 7.2.62.2
Progress LoadMaster LTSF prior to 7.2.54.16
Progress LoadMaster GA prior to 7.2.62.2
Progress MOVEit WAF 7.2.62.1
Progress Multi-Tenant Hypervisor prior to 7.1.35.15
Vulnerability Description A remote code execution vulnerability in Progress products allows authenticated attackers with 'User Administration' permissions to execute arbitrary commands on affected appliances by exploiting unsanitized input in API parameters.

Protection Overview

This protection detects attempts to exploit this vulnerability.

In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, click on Protection tab and select the version of your choice.

Security Gateway R81 / R80 / R77 / R75

  1. In the IPS tab, click Protections and find the Progress Multiple Products Remote Code Execution (CVE-2025-13444) protection using the Search tool and Edit the protection's settings.
  2. Install policy on all Security Gateways.

This protection's log will contain the following information:

Attack Name:  Web Server Enforcement Violation.
Attack Information:  Progress Multiple Products Remote Code Execution (CVE-2025-13444)

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK