-
EDR / MDRIdentify, contain, respond, and stop malicious activity on endpoints
-
SIEMCentralize threat visibility and analysis, backed by cutting-edge threat intelligence
-
Risk Assessment & Vulnerability ManagementIdentify unknown cyber risks and routinely scan for vulnerabilities
-
Identity ManagementSecure and streamline client access to devices and applications with strong authentication and SSO
-
Cloud App SecurityMonitor and manage security risk for SaaS apps
-
SASEZero trust secure access for users, locations, and devices
-
SOC ServicesProvide 24/7 threat monitoring and response backed by ConnectWise SOC experts
-
Policy ManagementCreate, deploy, and manage client security policies and profiles
-
Incident Response ServiceOn-tap cyber experts to address critical security incidents
-
Cybersecurity GlossaryGuide to the most common, important terms in the industry
ConnectWise Automate 2022.8 Security Fix
08/04/2022
Vulnerability
CWE-285 Improper Authorization
Severity
Important—Vulnerabilities that could compromise confidential data or other processing resources but require additional access / privilege to do so.
Priority
1—Vulnerabilities that are either being targeted or have a higher risk of being targeted by exploits in the wild. Recommend patching as soon as possible.
Affected versions
ConnectWise Automate versions 2022.7 and earlier are impacted.
Remediation
CLOUD:
Cloud instances have already been updated to the latest Automate release.
ON-PREMISE:
Apply the 2022.8 patch.
Note: While Automate remote agent updates are recommended, an update to the remote agent is not a requirement to remediate this vulnerability.
Additional information
https://home.connectwise.com/securityBulletin/62ebc11b7869e60001461054
This bulletin was updated August 5, 2022
Software updates
https://university.connectwise.com/University/automateresources/productsandupdates.aspx