PSA & RMM

Solve any challenge with one platform

Operate more efficiently, reduce complexity, improve EBITDA, and much more with the purpose-built platform for MSPs.

Cybersecurity & Data Protection

Ensure security and business continuity, 24/7

Protect and defend what matters most to your clients and stakeholders with ConnectWise's best-in-class cybersecurity and BCDR solutions.

Hyperautomation

Integrate and automate to unlock cost savings

Leverage generative AI and RPA workflows to simplify and streamline the most time-consuming parts of IT.

University

University Log-In

Check out our online learning platform, designed to help IT service providers get the most out of ConnectWise products and services.

About Us

Experience the ConnectWise Way

Join hundreds of thousands of IT professionals benefiting from and contributing to a legacy of industry leadership when you become a part of the ConnectWise community.

News & Press

Experience the ConnectWise Way

Join hundreds of thousands of IT professionals benefiting from and contributing to a legacy of industry leadership when you become a part of the ConnectWise community.

ConnectWise

ConnectWise Authentication Bypass

07/16/2020

Products: Automate
Severity: Critical
Priority: 1 - High

Vulnerability Details:

CVSS Score: 9.2

CWE: 693 – Protection Mechanism Failure

Description:

Inadequate validation of the computer password could potentially allow a remote user to bypass agent authentication in probe communication or agent registration. Subsequently, this could facilitate further exploitation should other vulnerabilities exist.

Remediation:

CLOUD PARTNERS:

  • ConnectWise has applied the 2020.0.7.251 patch across all cloud partner environments.

ON-PREMISE PARTNERS:

  • On-premise partners should immediately apply the patches listed below, following the important pre and post patch instructions available in the ConnectWise University here. The download link is available in the instruction page.

ConnectWise Automate 2020.0.7.251

ConnectWise Automate 2019.0.12.342

;