CVE-2025-11493
BaseFortify
Publication date: 2025-10-16
Last updated on: 2025-10-29
Assigner: ConnectWise
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| connectwise | automate | to 2025.9 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-494 | The product downloads source code or an executable from a remote location and executes the code without sufficiently verifying the origin and integrity of the code. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability occurs because the ConnectWise Automate Agent does not fully verify the authenticity of files it downloads from the server, such as updates, dependencies, and integrations. As a result, an attacker positioned on the network path could perform a man-in-the-middle attack and replace legitimate files with malicious ones by pretending to be the legitimate server. The risk is reduced if HTTPS is enforced.
How can this vulnerability impact me? :
If exploited, this vulnerability could allow an attacker to deliver malicious files to your system by intercepting and substituting legitimate files during download. This could lead to compromise of confidentiality, integrity, and availability of your system, potentially resulting in unauthorized access, data corruption, or service disruption.
What immediate steps should I take to mitigate this vulnerability?
Enforce the use of HTTPS for all communications between the ConnectWise Automate Agent and its servers to mitigate the risk of man-in-the-middle attacks substituting malicious files for legitimate ones.