ConnectWise Patches Critical Flaw in Automate RMM Tool

Posted on By CWS

ConnectWise has rolled out patches for 2 vulnerabilities within the Automate distant monitoring and administration (RMM) instrument that might enable attackers to carry out man-in-the-middle (MiTM) assaults.

Automate is an RMM instrument for enterprises and managed service suppliers (MSPs) that enables organizations to establish, monitor, and handle all related units on a community.

Final week, ConnectWise launched Automate model 2025.9 with patches for CVE-2025-11492 (CVSS rating of 9.6), a critical-severity bug that enables attackers to intercept delicate data that was being transmitted in cleartext.

Moreover, the corporate warned of a high-severity flaw within the RMM software program, tracked as CVE-2025-11493 (CVSS rating of 8.8), and described as the shortage of integrity checks when downloading code.

These vulnerabilities, ConnectWise says, “may expose agent communications and updates to interception or tampering if sure configurations are used.”

Primarily, as a result of brokers deployed on premises could also be configured to make use of HTTP or encryption, an attacker with entry to the community may view or modify visitors, the corporate says.

A risk actor performing an MiTM assault may additionally substitute updates with malicious ones, the corporate warns.

“Automate 2025.9 patch enforces HTTPS for all agent communications to mitigate these dangers. Companions working on-prem servers must also guarantee TLS 1.2 is enforced to keep up safe communications,” ConnectWise says.Commercial. Scroll to proceed studying.

The corporate has rated the vulnerabilities as ‘essential’, as they may result in knowledge compromise however require extra entry for profitable exploitation.

Nevertheless, it has additionally assigned them a ‘reasonable’ precedence, which it usually provides to safety defects “which can be both being focused or have increased danger of being focused by exploits within the wild.”

All organizations utilizing on-premises ConnectWise Automate deployments are suggested to replace their installations as quickly as potential.

Associated: Gladinet Patches Exploited CentreStack Vulnerability

Associated: Vulnerability in Dolby Decoder Can Permit Zero-Click on Assaults

Associated: ICS Patch Tuesday: Fixes Introduced by Siemens, Schneider, Rockwell, ABB, Phoenix Contact

Associated: Excessive-Severity Vulnerabilities Patched by Fortinet and Ivanti

Security Week News Tags:, , , , , ,

Related Posts

NSO Ordered to Stop Hacking WhatsApp, but Damages Cut to $4 Million Security Week News
Settlement Reached in Investors’ Lawsuit Against Meta CEO Mark Zuckerberg and Other Company Leaders Security Week News
Patch Bypassed for Supermicro Vulnerability Allowing BMC Hack Security Week News
Chrome, Edge Extensions Caught Tracking Users, Creating Backdoors Security Week News
North Korean Hackers Take Over Victims’ Systems Using Zoom Meeting Security Week News
CitrixBleed 2: 100 Organizations Hacked, Thousands of Instances Still Vulnerable Security Week News