ConnectWise Automate: Protection Mechanism Failure

07/14/2022
Products: Automate
Severity: Important
Priority: 1 - High

Vulnerability 

CWE-693 Protection Mechanism Failure 

Severity 

Important – Vulnerabilities that could compromise confidential data or other processing resources but require additional access / privilege to do so. 

Priority  

1 – Vulnerabilities that are either being targeted or have a higher risk of being targeted by exploits in the wild. Recommend patching as soon as possible. 

Affected versions 

ConnectWise Automate versions 2022.6 and earlier are impacted. 

Remediation 

CLOUD: 

Cloud instances have already been updated to the latest Automation release. 

Please ensure that all Automate remote agents are updated to the latest remote agent Service Version (220.190).  

ON-PREMISE: 

Apply the 2022.7 release, and please ensure that all Automate remote agents are updated to the latest remote agent Service Version (220.190). 

Additional information 

https://home.connectwise.com/securityBulletin/62cf4323a81e070001b0d697  

Software updates 

https://university.connectwise.com/University/automateresources/productsandupdates.aspx