ConnectWise Automate 2022.8 Security Fix

08/04/2022
Products: Automate
Severity: Important
Priority: 1 - High

Vulnerability 

CWE-285 Improper Authorization   

Severity 

Important—Vulnerabilities that could compromise confidential data or other processing resources but require additional access / privilege to do so.  

Priority  

1—Vulnerabilities that are either being targeted or have a higher risk of being targeted by exploits in the wild. Recommend patching as soon as possible.  

Affected versions 

ConnectWise Automate versions 2022.7 and earlier are impacted.  

Remediation 

CLOUD: 

Cloud instances have already been updated to the latest Automate release.  

ON-PREMISE: 

Apply the 2022.8 patch.  

Note: While Automate remote agent updates are recommended, an update to the remote agent is not a requirement to remediate this vulnerability. 

Additional information 

https://home.connectwise.com/securityBulletin/62ebc11b7869e60001461054

This bulletin was updated August 5, 2022

Software updates 

https://university.connectwise.com/University/automateresources/productsandupdates.aspx