EDR / MDRIdentify, contain, respond, and stop malicious activity on endpoints
SIEMCentralize threat visibility and analysis, backed by cutting-edge threat intelligence
Risk Assessment & Dark Web MonitoringIdentify and quantify unknown cyber risks and vulnerabilities
Cloud App SecurityMonitor and manage security risk for SaaS apps
SOC ServicesProvide 24/7 threat monitoring and response backed by ConnectWise SOC experts
Policy ManagementCreate, deploy, and manage client security policies and profiles
Incident Response ServiceOn-tap cyber experts to address critical security incidents
Cybersecurity GlossaryGuide to the most common, important terms in the industry
ConnectWise Automate: Security Fixes
CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CWE-214 : Invocation of Process Using Visible Sensitive Information
Important - Vulnerabilities that could compromise confidential data or other processing resources but require additional access / privilege to do so.
2 - Vulnerabilities that have elevated risk but exploits are neither known nor anticipated to be imminent. Recommend prioritizing this update against their normal change management timelines and wait no longer than 30 days to install the patch.
ConnectWise Automate versions 2022.5 and earlier are impacted.
Cloud instances have already been updated to the latest Automation release.
Please ensure that all Automate remote agents are updated to the latest remote agent Service Version (220.166).
Apply the 2022.6 release, and please ensure that all Automate remote agents are updated to the latest remote agent Service Version (220.166).