ConnectWise PSA 2022.2 Security Fix
10/12/2023
Vulnerability
CWE-1395: Dependency on Vulnerable Third-Party Component
Severity
Critical - Vulnerabilities that could compromise confidential data or other processing resources but require additional access / privilege to do so.
Priority
1 - Vulnerabilities that are either being targeted or have higher risk of being targeted by exploits in the wild. Recommend installing updates as emergency changes or as soon as possible (e.g. within days)
Affected versions
ConnectWise PSA™ versions 2022.2 and earlier are impacted.
Remediation
CLOUD:
Cloud instances are automatically being updated to the latest ConnectWise PSA release.
ON-PREMISE:
Apply the 2022.2 release patch and ensure all desktop clients are up to date.