Security
ConnectWise Resolves Automate Vulnerability to Guard Against AiTM Update Attacks
ConnectWise Addresses Critical Vulnerabilities in Automate Product
ConnectWise has recently released a security update to rectify vulnerabilities, including one with critical severity, in its Automate product. These vulnerabilities posed a risk of exposing sensitive communications to interception and modification.
ConnectWise Automate serves as a remote monitoring and management (RMM) platform utilized by managed service providers (MSPs), IT service companies, and internal IT departments within large enterprises. It functions as a central management hub with elevated privileges to oversee numerous client machines.
The most severe vulnerability that ConnectWise addressed, known as CVE-2025-11492 with a severity rating of 9.6, allowed for the cleartext transmission of sensitive information. This flaw permitted agents to communicate over insecure HTTP instead of encrypted HTTPS, potentially enabling adversary-in-the-middle (AitM) attacks to intercept or modify traffic, including commands, credentials, and update payloads.
Another vulnerability, identified as CVE-2025-11493 with an 8.8 severity score, involved a lack of integrity verification for update packages, their dependencies, and integrations. By exploiting these security issues in tandem, an attacker could maliciously push files as legitimate ones by impersonating a valid ConnectWise server.
ConnectWise has categorized the security update as a moderate priority. While cloud-based instances have already been updated to the latest Automate release, 2025.9, administrators of on-premise deployments are advised to promptly install the new release to mitigate potential risks.
Although there is no mention of active exploitation in the security bulletin, ConnectWise warns that the vulnerabilities present a higher risk of being targeted by exploits in the wild. Notably, threat actors have previously exploited critical-severity flaws in ConnectWise products, prompting the company to undertake measures such as rotating digital code signing certificates to enhance security.
Picus Blue Report 2025 Highlights Password Security Concerns
According to the Picus Blue Report 2025, 46% of environments experienced cracked passwords, nearly doubling from the previous year’s figure of 25%. The report offers comprehensive insights into prevention, detection, and data exfiltration trends.
Revolutionizing Modern Software: The Impact of Rust on Programming
Enhanced Security: Amazon’s Ring Partners with Flock for Advanced Video Surveillance Integration
The Decline of Tesla: A 35% Drop in Brand Value
Battlefield 6: Conquest Revolution – Enhanced XP and Progression System
Jabbr.ai Secures €4.3 Million Funding to Revolutionize Transparency in Combat Sports with Backing from Reddit and Lyft Founders
The Importance of Machine Data in Enhancing Your AI Strategy: Insights from Cisco
Empowering AI in the Field: Advancing Technology at the Tactical Edge
Is Tim Cook’s Time at Apple Coming to an End?
Enhancing Collaboration: Claude’s Integration with Microsoft Teams, Outlook, and OneDrive
Warning: Facebook Creators Face Monetization Loss for Stealing and Reposting Videos
InstaDub: Meta’s AI Translation Tool for Instagram Videos
Facebook Compliance: ICE-tracking Page Removed After US Government Intervention
Goku Takes on the Dragon Ball FighterZ Arena
Tekken 8: Rise of the Shadows
Neil Young Takes a Stand: Pulling Music from Amazon in Protest of Jeff Bezos’ Support for Trump
Microsoft Integrates Anthropic’s Claude AI Models into 365 Copilot: A Deepening Relationship with OpenAI
Revving into the Future: Ferrari’s Plan to Unleash 20 New Models, Including Electric Vehicles, by 2030
Breaking Updates: Meta Connect 2025 Unveils Latest Developments
9 Cool Gadgets You Can Buy on Amazon
10 Cool Gadgets on Amazon You Can Buy
12 Cool Gadgets You Can Buy on Amazon
10 Crazy Gadgets on Amazon And Online You Can Buy
10 Cool Gadgets on Amazon You Can Buy
12 Cool Gadgets on Amazon You Can Buy
10 Cool Gadgets You Can Buy on Amazon And Online
10 Cool Gadgets You Can Buy on Amazon
10 Cool Gadgets Available on Amazon | Gadgets From Rs,299 Rs,499 to 10k
-
Facebook3 days agoWarning: Facebook Creators Face Monetization Loss for Stealing and Reposting Videos
-
Facebook4 days agoInstaDub: Meta’s AI Translation Tool for Instagram Videos
-
Facebook3 days agoFacebook Compliance: ICE-tracking Page Removed After US Government Intervention
-
Video Games4 days agoGoku Takes on the Dragon Ball FighterZ Arena
-
Video Games5 days agoTekken 8: Rise of the Shadows
-
Amazon5 days agoNeil Young Takes a Stand: Pulling Music from Amazon in Protest of Jeff Bezos’ Support for Trump
-
Microsoft3 days agoMicrosoft Integrates Anthropic’s Claude AI Models into 365 Copilot: A Deepening Relationship with OpenAI
-
Cars3 days agoRevving into the Future: Ferrari’s Plan to Unleash 20 New Models, Including Electric Vehicles, by 2030
