-
EDR / MDRIdentify, contain, respond, and stop malicious activity on endpoints
-
SIEMCentralize threat visibility and analysis, backed by cutting-edge threat intelligence
-
Risk Assessment & Dark Web MonitoringIdentify and quantify unknown cyber risks and vulnerabilities
-
Cloud App SecurityMonitor and manage security risk for SaaS apps
-
SOC ServicesProvide 24/7 threat monitoring and response backed by ConnectWise SOC experts
-
Policy ManagementCreate, deploy, and manage client security policies and profiles
-
Incident Response ServiceOn-tap cyber experts to address critical security incidents
-
Cybersecurity GlossaryGuide to the most common, important terms in the industry
ConnectWise Automate: Network Probe Insufficiently Protected Credentials
05/12/2022
Vulnerability
CWE-522 Insufficiently Protected Credentials
Severity
Important - Vulnerabilities that could compromise confidential data or other processing resources but require additional access/privilege to do so.
Priority
1 - Vulnerabilities that are either being targeted or have a higher risk of being targeted by exploits in the wild. Recommend patching as soon as possible.
Affected Versions
ConnectWise Automate versions 2022.4 and earlier are impacted.
Remediation
CLOUD:
Cloud instances have already been updated to the latest Automation release.
Please ensure that all Automate remote agents, that have the Network Probe role enabled, are updated to the latest remote agent Service Version (220.124).
ON-PREMISE:
Apply the 2022.5 release, and please ensure that all Automate remote agents, that have the Network Probe role enabled, are updated to the latest remote agent Service Version (220.124).
Additional Info https://home.connectwise.com/securityBulletin/627d2fe90b557a0001dd9e9f
Software Updates https://university.connectwise.com/University/automateresources/productsandupdates.aspx