Progress Software ShareFile Storage Zone Controller path traversal patch release
Security Patch Release
Summary
Hide ▲
Show ▼
Progress Software released 5.12.5 and 6.0.2 for ShareFile Storage Zone Controller after a high-severity zero-day path traversal vulnerability forced last week’s shutdown. The updates cover all 5.x and 6.x versions and let customers bring controllers back online once installed. Progress said it has no indication of unauthorized access to customer accounts or data. A CVE has been reserved and will be published later.
Related Happenings
Progress ShareFile access disruption during security threat investigation
Service Disruption
H score1
First: 13.07.2026 15:05
Last: 13.07.2026 15:05
Sources 1
About this happening:
**Progress ShareFile** experienced a **customer-access disruption** after Progress Software identified a **credible external security threat** targeting **Storage Zone Controllers...
Progress ShareFile access disruption during security threat investigation
Service DisruptionAbout this happening: **Progress ShareFile** experienced a **customer-access disruption** after Progress Software identified a **credible external security threat** targeting **Storage Zone Controllers...
Progress ShareFile Storage Zone Controller access disruption
Service Disruption
H score53
First: 10.07.2026 19:30
Last: 10.07.2026 19:30
Sources 1
How related:
Last week, Progress urged customers using ShareFile Storage Zone Controllers to immediately shut down their Windows servers after receiving a warning of a "credible external security threat."
About this happening:
**ShareFile Storage Zone Controller** customers lost access when **Progress Software** temporarily disabled affected accounts and marked them **not operational** while investigati...
Progress ShareFile Storage Zone Controller access disruption
Service DisruptionHow related: Last week, Progress urged customers using ShareFile Storage Zone Controllers to immediately shut down their Windows servers after receiving a warning of a "credible external security threat."
About this happening: **ShareFile Storage Zone Controller** customers lost access when **Progress Software** temporarily disabled affected accounts and marked them **not operational** while investigati...
Latest development: 14.07.2026 19:08
Progress confirmed a high-severity zero-day path traversal vulnerability affecting all 5.x and 6.x versions of ShareFile Storage Zone Controller and released versions 5.12.5 and 6.0.2 to patch the flaw. Progress said the update follows the emergency shutdown of affected controllers and that it has no indication of unauthorized access to any ShareFile customer account or data.
Progress ShareFile Storage Zone Controllers shutdown guidance
Advisory/Mitigation
H score44
First: 10.07.2026 19:26
Last: 10.07.2026 19:26
Sources 1
How related:
Last week, Progress urged customers using ShareFile Storage Zone Controllers to immediately shut down their Windows servers after receiving a warning of a "credible external security threat."
About this happening:
**Progress Software** has told **ShareFile** customers using **Storage Zone Controllers** to **shut down their servers immediately** after detecting a **credible external security...
Progress ShareFile Storage Zone Controllers shutdown guidance
Advisory/MitigationHow related: Last week, Progress urged customers using ShareFile Storage Zone Controllers to immediately shut down their Windows servers after receiving a warning of a "credible external security threat."
About this happening: **Progress Software** has told **ShareFile** customers using **Storage Zone Controllers** to **shut down their servers immediately** after detecting a **credible external security...
Latest development: 14.07.2026 19:08
Progress Software identified a high-severity path traversal vulnerability affecting all 5.x and 6.x versions of ShareFile Storage Zone Controller, reserved a CVE identifier for it, and released versions 5.12.5 and 6.0.2 to patch the flaw and restore the controllers after updating. The company said it has no indication of unauthorized access to any ShareFile customer account or data and no active threat has been identified.
Progress Software security patch release for CVE-2026-4670
Security Patch Release
H score44
First: 04.05.2026 19:34
Last: 04.05.2026 19:34
Sources 1
About this happening:
**Progress Software** has released **MOVEit Automation** updates to fix **CVE-2026-4670** and **CVE-2026-5174**, including a **critical authentication bypass** that could expose e...
Progress Software security patch release for CVE-2026-4670
Security Patch ReleaseAbout this happening: **Progress Software** has released **MOVEit Automation** updates to fix **CVE-2026-4670** and **CVE-2026-5174**, including a **critical authentication bypass** that could expose e...
Fortinet FortiOS follow-on patch release for authentication bypass
Security Patch Release
H score42
First: 21.01.2026 19:49
Last: 21.01.2026 19:49
Sources 1
About this happening:
**Fortinet** is preparing **FortiOS 7.4.11, 7.6.6, and 8.0.0** to fully close an **authentication bypass** flaw affecting **FortiOS/FortiGate** deployments. The follow-on release...
Fortinet FortiOS follow-on patch release for authentication bypass
Security Patch ReleaseAbout this happening: **Fortinet** is preparing **FortiOS 7.4.11, 7.6.6, and 8.0.0** to fully close an **authentication bypass** flaw affecting **FortiOS/FortiGate** deployments. The follow-on release...
Timeline
-
14.07.2026 19:08 2 articles · 2h ago
Progress releases ShareFile Storage Zone Controller fixes for path traversal zero-day
Mitigation Patch UpdateProgress Software released versions 5.12.5 and 6.0.2 for ShareFile Storage Zone Controller and urged customers to install the security updates before bringing controllers back online. Progress said its investigation found a high-severity path traversal vulnerability affecting all 5.x and 6.x versions and tied it to the emergency shutdown of ShareFile Storage Zone Controllers after a credible external security threat warning.
Show sources
- Progress confirms ShareFile zero-day flaw behind Storage Zone shutdown — www.bleepingcomputer.com — 14.07.2026 19:08
- Progress confirms ShareFile zero-day flaw behind Storage Zone shutdown — www.bleepingcomputer.com — 14.07.2026 19:08