ConnectWise has issued security updates for its Automate platform to fix critical vulnerabilities that could allow interception and manipulation of sensitive communications. These flaws pose a significant risk as they could be exploited by threat actors to impersonate servers or modify updates, especially in on-prem environments. #CVE202511492 #CVE202511493 #ConnectWiseAutomate #AdversaryInTheMiddle
Keypoints
- ConnectWise Automate is a remote monitoring and management platform used by MSPs and large enterprises.
- The critical vulnerability (CVE-2025-11492) allows unencrypted HTTP communication, risking interception of sensitive data.
- The second vulnerability (CVE-2025-11493) involves a lack of integrity checks for updates, enabling impersonation attacks.
- Combined, these flaws could let attackers push malicious files or steal credentials through man-in-the-middle attacks.
- ConnectWise recommends urgent action for on-prem deployments to install the latest version 2025.9 to mitigate risks.