ConnectWise has fixed a high-severity vulnerability affecting a ConnectWise Automate API and is urging users who run the solution on their premises to implement the provided hotfixes.
About ConnectWise Automate and the vulnerability
ConnectWise is a provider of business automation solutions for managed services providers (MSPs) and IT solution providers.
ConnectWise Automate is a software suite IT support technicians use to remotely monitor and manage customers’ assets (servers and workstations).
“A remote authenticated user could exploit a vulnerability in a specific Automate API and execute commands and/or modifications within an individual Automate instance,” the company shared in a security bulletin. Effectively, this could allow attackers to do things like run commands on endpoints, create new users, etc.
The vulner ..
Support the originator by clicking the read the rest link below.
