PT-2025-42523 · Connectwise · Connectwise Automate Agent
Published
2025-10-16
·
Updated
2025-11-23
·
CVE-2025-11492
CVSS v3.1
9.6
Critical
| Vector | AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
ConnectWise Automate versions prior to 2025.9
Description
The ConnectWise Automate Agent could be configured to use HTTP instead of HTTPS for communications. This allows an attacker positioned on the network to intercept, modify, or replay agent-server traffic. The encryption method used for some communications over HTTP has been updated in version 2025.9 to enforce HTTPS for all agent communications, mitigating the risk. This issue could allow attackers to inject malicious commands into Remote Management and Monitoring (RMM) traffic and potentially steal credentials.
Recommendations
Update ConnectWise Automate to version 2025.9 or later to enforce HTTPS for all agent communications.
Fix
RCE
Cleartext Transmission of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Connectwise Automate Agent