Security bulletins

ConnectWise uses various methods to communicate security vulnerability information to customers. A Security Bulletin is used when publicly disclosing security vulnerabilities discovered in ConnectWise offerings.

Alternative tools and processes are used, where appropriate, when targeted or discrete communication with entitled customers is required. To protect our customers, ConnectWise does not publicly disclose or confirm security vulnerabilities until ConnectWise has conducted an analysis of the product and has issued fixes and/or mitigations.

Security Bulletins notify customers about one or more vulnerabilities. These bulletins provide guidance to assist customers in assessing the impact of any actual or potential security vulnerability in the context of their environment.


We have created an RSS feed for these security bulletins. As bulletins get posted to this page, the RSS feed will be updated. Paste this link into your RSS feed reader to get updates. New to setting up RSS, or need help with RSS feeds? Here are some helpful articles to get you started:
What are RSS feeds? | How to Set Up an RSS Feed in Microsoft Outlook 2019 | Chrome Extensions: RSS Readers

Filter By:
ConnectWise Automate 2023.5 Security Fix
ConnectWise Automate versions 2023.4 and earlier are impacted.
ConnectWise Automate 2023.1 Security Fix
ConnectWise Automate versions 2022.12 and earlier are impacted.
ConnectWise Automate 2022.11 Security Fix
ConnectWise Automate versions 2022.10 and earlier are impacted.
ConnectWise BCDR and R1Soft Server Backup Manager Critical Security Release
ConnectWise BCDR (formerly Recover): Recover v2.9.7 and earlier versions are impacted. R1Soft: SBM v6.16.3 and earlier versions are impacted.
ConnectWise Automate 2022.9 Security Fix
ConnectWise Automate versions 2022.8 and earlier are impacted.
ConnectWise Automate 2022.8 Security Fix
ConnectWise Automate versions 2022.7 and earlier are impacted.