EDR / MDRIdentify, contain, respond, and stop malicious activity on endpoints
SIEMCentralize threat visibility and analysis, backed by cutting-edge threat intelligence
Risk Assessment & Vulnerability ManagementIdentify unknown cyber risks and routinely scan for vulnerabilities
Cloud App SecurityMonitor and manage security risk for SaaS apps
SOC ServicesProvide 24/7 threat monitoring and response backed by ConnectWise SOC experts
Policy ManagementCreate, deploy, and manage client security policies and profiles
Incident Response ServiceOn-tap cyber experts to address critical security incidents
Cybersecurity GlossaryGuide to the most common, important terms in the industry
ConnectWise Automate API Vulnerability
CVSS Score: 7.8
A remote authenticated user could exploit a vulnerability in a specific Automate API and execute commands and/or modifications within an individual Automate instance.
- ConnectWise had applied mitigating controls to block any potential exploitation and has applied the hotfix across all environments as of 8:45 pm Eastern Time, June 10, 2020.
- On-premise partners should immediately consider the mitigating controls detailed here.
- Hotfix for version 2020.5 is available here and the .exe file is here.
- Hotfix for version 2020.4 is available here and the .exe file is here.
- Hotfix for version 2020.3 is available here and the .exe file is here.
- Hotfix for version 2020.2 is available here and the .exe file is here.
- Hotfix for version 2020.1 is available here and the .exe file is here.
- Hotfixes for older versions will be available in the coming days.
- On-going updates on these hotfixes are available here.