ConnectWise has rolled out patches for two vulnerabilities in the Automate remote monitoring and management (RMM) tool that could allow attackers to perform man-in-the-middle (MiTM) attacks.
Automate is an RMM tool for enterprises and managed service providers (MSPs) that allows organizations to identify, monitor, and manage all connected devices on a network.
Last week, ConnectWise released Automate version 2025.9 with patches for CVE-2025-11492 (CVSS score of 9.6), a critical-severity bug that allows attackers to intercept sensitive information that was being transmitted in cleartext.
Additionally, the company warned of a high-severity flaw in the RMM software, tracked as CVE-2025-11493 (CVSS score of 8.8), and described as the lack of integrity checks when downloading code.
These vulnerabilities, ConnectWise says, “could expose agent communications and updates to interception or tampering if certain configurations are used.”
Essentially, because on-premises deployments may be configured so that agents communicate over plain HTTP rather than encrypted HTTPS, an attacker with access to the network could view or modify that traffic, the company says.
A threat actor performing an MiTM attack could also replace updates with malicious ones, the company warns.
“Automate 2025.9 patch enforces HTTPS for all agent communications to mitigate these risks. Partners running on-prem servers should also ensure TLS 1.2 is enforced to maintain secure communications,” ConnectWise says.
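The two failure modes the advisory describes map onto two checks an agent or an administrator's tooling can make: refuse any server URL that is not HTTPS (the cleartext exposure behind CVE-2025-11492), refuse TLS handshakes below 1.2, and verify a downloaded update against an integrity value obtained out-of-band before running it (the missing integrity check behind CVE-2025-11493). The following is example code written for this page, not ConnectWise's agent code, and it does not describe how the 2025.9 patch itself enforces HTTPS or validates updates. The server hostname, the sample update bytes, the tampered copy and the pinned SHA-256 digest are all constructed here; a real pin would be published by the vendor and fetched over a separately authenticated channel, never alongside the update it protects.

```python
"""Added example (not ConnectWise code): agent-side checks for the two
issues the advisory names.

- Cleartext transport (CVE-2025-11492): an http:// server URL lets a network
  attacker read or rewrite agent traffic, so only https:// is accepted and the
  TLS client refuses anything below TLS 1.2.
- Unverified updates (CVE-2025-11493): a downloaded update is compared with a
  pinned SHA-256 digest before it is applied, so a swapped payload is rejected.

The digest pinning is a generic integrity check chosen for this illustration;
it is an assumption, not the product's actual update mechanism.
"""
import hashlib
import hmac
import ssl
from urllib.parse import urlparse


def hardened_client_context() -> ssl.SSLContext:
    """TLS client context for agent-to-server connections.

    create_default_context() already sets CERT_REQUIRED and check_hostname;
    minimum_version is set explicitly so TLS 1.0/1.1 handshakes are refused
    even on interpreters whose default floor is lower.
    """
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def is_acceptable_server_url(url: str) -> bool:
    """Accept only https:// URLs with a hostname; plain http:// is exactly the
    configuration the cleartext-interception bug depends on."""
    parts = urlparse(url)
    return parts.scheme == "https" and bool(parts.hostname)


def update_is_authentic(payload: bytes, pinned_sha256_hex: str) -> bool:
    """Return True only if the downloaded payload hashes to the pinned digest.

    compare_digest avoids a timing side channel on the comparison; the pin
    must come from a trusted, separately authenticated source."""
    actual = hashlib.sha256(payload).hexdigest()
    return hmac.compare_digest(actual, pinned_sha256_hex.lower())


# --- constructed sample data (not real Automate traffic or binaries) -------
SERVER_URL_PLAIN = "http://automate.example.internal/"    # assumed host
SERVER_URL_TLS = "https://automate.example.internal/"     # assumed host
GOOD_UPDATE = b"agent-update-v2025.9: legitimate bytes\n"
# In practice this pin is obtained out-of-band; it is computed here only to
# build a self-contained sample.
PINNED_DIGEST = hashlib.sha256(GOOD_UPDATE).hexdigest()
# What a man-in-the-middle would hand the agent instead of the real update.
TAMPERED_UPDATE = b"agent-update-v2025.9: attacker-modified bytes\n"


def run_checks() -> dict:
    """Evaluate the sample data; returns the outcome of each check."""
    ctx = hardened_client_context()
    return {
        "plain_http_rejected": not is_acceptable_server_url(SERVER_URL_PLAIN),
        "https_accepted": is_acceptable_server_url(SERVER_URL_TLS),
        "tls12_floor": ctx.minimum_version == ssl.TLSVersion.TLSv1_2,
        "cert_verified": ctx.verify_mode == ssl.CERT_REQUIRED and ctx.check_hostname,
        "good_update_accepted": update_is_authentic(GOOD_UPDATE, PINNED_DIGEST),
        "tampered_update_rejected": not update_is_authentic(TAMPERED_UPDATE, PINNED_DIGEST),
    }


if __name__ == "__main__":
    for name, ok in run_checks().items():
        print(f"{name}: {'ok' if ok else 'FAIL'}")
```

Every check in `run_checks()` should report `ok`; if `plain_http_rejected` or `tls12_floor` fails on a real deployment's configuration, that is the condition the advisory describes as exposing agent traffic to interception.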
The company has rated the vulnerabilities as ‘important’, as they could lead to data compromise but require additional access for successful exploitation.
However, it has also assigned them a ‘moderate’ priority, which it typically gives to security defects “that are either being targeted or have higher risk of being targeted by exploits in the wild.”
All organizations using on-premises ConnectWise Automate deployments are advised to update their installations as soon as possible.