Cyber Web Spider Blog – News

ConnectWise Patches Critical Flaw in Automate RMM Tool

Posted on October 20, 2025 By CWS

ConnectWise has rolled out patches for two vulnerabilities in the Automate remote monitoring and management (RMM) tool that could allow attackers to perform man-in-the-middle (MiTM) attacks.

Automate is an RMM tool for enterprises and managed service providers (MSPs) that allows organizations to identify, monitor, and manage all connected devices on a network.

Last week, ConnectWise released Automate version 2025.9 with patches for CVE-2025-11492 (CVSS score of 9.6), a critical-severity bug that allows attackers to intercept sensitive information that was being transmitted in cleartext.

Additionally, the company warned of a high-severity flaw in the RMM software, tracked as CVE-2025-11493 (CVSS score of 8.8), and described as the lack of integrity checks when downloading code.

These vulnerabilities, ConnectWise says, “may expose agent communications and updates to interception or tampering if certain configurations are used.”

Essentially, because agents deployed on premises may be configured to use HTTP or encryption, an attacker with access to the network could view or modify traffic, the company says.

A threat actor performing an MiTM attack could also replace updates with malicious ones, the company warns.

“Automate 2025.9 patch enforces HTTPS for all agent communications to mitigate these risks. Partners running on-prem servers must also ensure TLS 1.2 is enforced to maintain secure communications,” ConnectWise says.

The company has rated the vulnerabilities as ‘essential’, as they could lead to data compromise but require additional access for successful exploitation.

However, it has also assigned them a ‘reasonable’ priority, which it typically gives to security defects “that are either being targeted or have higher risk of being targeted by exploits in the wild.”

All organizations using on-premises ConnectWise Automate deployments are advised to update their installations as soon as possible.
