-
EDR / MDRIdentify, contain, respond, and stop malicious activity on endpoints
-
SIEMCentralize threat visibility and analysis, backed by cutting-edge threat intelligence
-
Risk Assessment & Vulnerability ManagementIdentify unknown cyber risks and routinely scan for vulnerabilities
-
Identity ManagementSecure and streamline client access to devices and applications with strong authentication and SSO
-
Cloud App SecurityMonitor and manage security risk for SaaS apps
-
SASEZero trust secure access for users, locations, and devices
-
SOC ServicesProvide 24/7 threat monitoring and response backed by ConnectWise SOC experts
-
Policy ManagementCreate, deploy, and manage client security policies and profiles
-
Incident Response ServiceOn-tap cyber experts to address critical security incidents
-
Cybersecurity GlossaryGuide to the most common, important terms in the industry
UPDATE - ConnectWise Automate API Vulnerability
06/13/2020
Vulnerability Details:
CVSS Score: 7.8
Description:
A remote authenticated user could exploit a vulnerability in a specific Automate API and execute commands and/or modifications within an individual Automate instance.
Remediation:
CLOUD PARTNERS:
- ConnectWise re-applied mitigation steps related to deployment of agent installations to address additional hardening measures and we have applied the updated hotfix – 2020.5.178 – which includes the additional hardening measures.
- With this hotfix, the mitigation that interrupted deployment features were removed.
ON-PREMISE PARTNERS:
- On-premise partners should immediately apply the hotfix listed below based on their instance version.
- 2020.5.178 is available here or the .exe file is here.
- 2020.4.143 is available here or the .exe file is here.
- 2020.3.114 is available here or the .exe file is here.
- 2020.2.85 is available here or the .exe file is here.
- 2020.1.53 is available here or the .exe file is here.
- 2019.12.337 is available here or the .exe file is here.
- 2019.11 or older partners, please ensure you have implemented the mitigation steps described here and we strongly encourage that you update to 2019.12 at a minimum.