EDR / MDRIdentify, contain, respond, and stop malicious activity on endpoints
SIEMCentralize threat visibility and analysis, backed by cutting-edge threat intelligence
Risk Assessment & Vulnerability ManagementIdentify unknown cyber risks and routinely scan for vulnerabilities
Identity ManagementSecure and streamline client access to devices and applications with strong authentication and SSO
Cloud App SecurityMonitor and manage security risk for SaaS apps
SASEZero trust secure access for users, locations, and devices
SOC ServicesProvide 24/7 threat monitoring and response backed by ConnectWise SOC experts
Policy ManagementCreate, deploy, and manage client security policies and profiles
Incident Response ServiceOn-tap cyber experts to address critical security incidents
Cybersecurity GlossaryGuide to the most common, important terms in the industry
ConnectWise Automate 2022.9 Security Fix
CWE-284 Improper Access Control
Important—Vulnerabilities that could compromise confidential data or other processing resources but require additional access / privilege to do so.
1—Vulnerabilities that are either being targeted or have a higher risk of being targeted by exploits in the wild. Recommend patching as soon as possible.
ConnectWise Automate versions 2022.8 and earlier are impacted.
Cloud instances have already been updated to the latest Automate release.
Apply the 2022.9 patch.
Review the ConnectWise Automate Comprehensive Security Best Practice Guide and ensure your environment is configured appropriately relating to network hardening guidelines and best practices for your Automate environment.
Note: While Automate remote agent updates are recommended, an update to the remote agent is not a requirement to remediate this vulnerability.