CVE-2025-11492
BaseFortify
Publication date: 2025-10-16
Last updated on: 2025-10-29
Assigner: ConnectWise
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| connectwise | automate | up to 2025.9 (exclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-319 | The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability occurs in the ConnectWise Automate Agent when communications are configured to use HTTP instead of HTTPS. In such cases, an attacker positioned on the network path (man-in-the-middle) can intercept, modify, or replay the traffic between the agent and the server. The vulnerability is addressed in the Automate 2025.9 patch, which enforces HTTPS for all agent communications and updates the encryption method used to obfuscate some communications over HTTP.
How can this vulnerability impact me?
If exploited, this vulnerability allows an attacker to intercept sensitive data, alter communications, or replay messages between the ConnectWise Automate Agent and its server. This can lead to unauthorized access, data breaches, or disruption of services, potentially compromising the confidentiality, integrity, and availability of the affected systems.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, ensure that the ConnectWise Automate Agent communications are configured to use HTTPS instead of HTTP. Applying the Automate 2025.9 patch will enforce HTTPS for all agent communications and update the encryption method to prevent interception or modification by on-path attackers.