ConnectWise Patches Critical Flaw in Automate RMM Tool

Posted on October 20, 2025 By CWS

ConnectWise has rolled out patches for two vulnerabilities in the Automate remote monitoring and management (RMM) tool that could allow attackers to perform man-in-the-middle (MiTM) attacks.

Automate is an RMM tool for enterprises and managed service providers (MSPs) that allows organizations to identify, monitor, and manage all connected devices on a network.

Last week, ConnectWise released Automate version 2025.9 with patches for CVE-2025-11492 (CVSS score of 9.6), a critical-severity bug that allows attackers to intercept sensitive information that was being transmitted in cleartext.

Additionally, the company warned of a high-severity flaw in the RMM software, tracked as CVE-2025-11493 (CVSS score of 8.8), and described as the lack of integrity checks when downloading code.

These vulnerabilities, ConnectWise says, “may expose agent communications and updates to interception or tampering if certain configurations are used.”

Essentially, because agents deployed on premises may be configured to use HTTP or encryption, an attacker with access to the network could view or modify traffic, the company says.

A threat actor performing an MiTM attack could also replace updates with malicious ones, the company warns.

“Automate 2025.9 patch enforces HTTPS for all agent communications to mitigate these risks. Partners running on-prem servers should also ensure TLS 1.2 is enforced to maintain secure communications,” ConnectWise says.

The company has rated the vulnerabilities as ‘important’, as they could lead to data compromise but require additional access for successful exploitation.

However, it has also assigned them a ‘moderate’ priority, which it typically gives to security defects “that are either being targeted or have higher risk of being targeted by exploits in the wild.”

All organizations using on-premises ConnectWise Automate deployments are advised to update their installations as soon as possible.
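The two weakness classes described above (cleartext transport and downloading code without an integrity check) map to two client-side controls, sketched here as an added example that is not ConnectWise code and does not depict Automate's actual update protocol. The host name `rmm.example.test`, the function names, and the idea of a digest pinned through a separate trusted channel are all assumptions made for illustration.

```python
import hashlib
import hmac
import ssl
from urllib.parse import urlsplit


class UpdateRejected(Exception):
    """Raised when an update fails a transport or integrity check."""


def require_https(url: str) -> str:
    """Refuse any update URL that is not HTTPS with a host name."""
    parts = urlsplit(url)
    if parts.scheme.lower() != "https" or not parts.hostname:
        raise UpdateRejected(f"cleartext or malformed update URL: {url!r}")
    return url


def tls12_client_context() -> ssl.SSLContext:
    """Client context: certificate and host name verification, TLS 1.2 floor."""
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def verify_payload(payload: bytes, expected_sha256: str) -> bytes:
    """Compare the payload digest with one obtained out of band."""
    actual = hashlib.sha256(payload).hexdigest()
    if not hmac.compare_digest(actual, expected_sha256.lower()):
        raise UpdateRejected("digest mismatch: payload altered in transit")
    return payload


def accept_update(url: str, payload: bytes, expected_sha256: str) -> bytes:
    """Hardened path: both checks must pass before anything is executed."""
    require_https(url)
    return verify_payload(payload, expected_sha256)


# Constructed sample data: a fake update and a copy modified on the wire.
GOOD = b"agent-update-build-1 (constructed sample)"
TAMPERED = GOOD.replace(b"build-1", b"build-X")
PINNED = hashlib.sha256(GOOD).hexdigest()  # assumed to arrive via a trusted channel

if __name__ == "__main__":
    print(accept_update("https://rmm.example.test/update.bin", GOOD, PINNED)[:12])
    for url, data in [("http://rmm.example.test/update.bin", GOOD),
                      ("https://rmm.example.test/update.bin", TAMPERED)]:
        try:
            accept_update(url, data, PINNED)
        except UpdateRejected as exc:
            print("rejected:", exc)
```

The TLS context would be passed to whatever HTTPS client performs the download; no network call is made here, so the tampering is simulated on the byte string.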
