ConnectWise Automate: Protection Mechanism Failure
Vulnerability
CWE-693 Protection Mechanism Failure
Severity
Important – Vulnerabilities that could compromise confidential data or other processing resources but require additional access / privilege to do so.
Priority
1 – Vulnerabilities that are either being targeted or have a higher risk of being targeted by exploits in the wild. Recommend patching as soon as possible.
Affected versions
ConnectWise Automate versions 2022.6 and earlier are impacted.
Remediation
CLOUD:
Cloud instances have already been updated to the latest Automation release.
Please ensure that all Automate remote agents are updated to the latest remote agent Service Version (220.190).
ON-PREMISE:
Apply the 2022.7 release, and please ensure that all Automate remote agents are updated to the latest remote agent Service Version (220.190).
Additional information
https://home.connectwise.com/securityBulletin/62cf4323a81e070001b0d697
Software updates
https://university.connectwise.com/University/automateresources/productsandupdates.aspx