Lucene search
K

6 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/21 2:32 p.m.13 views

CVE-2026-9089

The ConnectWise Automate™ Agent does not fully verify the authenticity of components obtained during plugin loading and self-update operations. This issue is addressed in Automate 2026.5...

8.8CVSS5.8AI score0.00311EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.10 views

ConnectWise Automate Agent 安全漏洞

ConnectWise Automate Agent is a remote monitoring and management software developed by the American company ConnectWise. There is a security vulnerability in ConnectWise Automate Agent, which stems from an incomplete verification of component authenticity. This vulnerability may affect plugin...

8.8CVSS5.8AI score0.00311EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/16 9:31 p.m.4 views

EUVD-2025-34827

In the ConnectWise Automate Agent, communications could be configured to use HTTP instead of HTTPS. In such cases, an on-path threat actor with a man-in-the-middle network position could intercept, modify, or replay agent-server traffic. Additionally, the encryption method used to obfuscate some...

9.6CVSS6.2AI score0.00192EPSS
Exploits0References2
OSV
OSV
added 2025/10/16 7:15 p.m.4 views

CVE-2025-11493

The ConnectWise Automate Agent does not fully verify the authenticity of files downloaded from the server, such as updates, dependencies, and integrations. This creates a risk where an on-path attacker could perform a man-in-the-middle attack and substitute malicious files for legitimate ones by...

7.5CVSS5.8AI score0.00212EPSS
Exploits0References1
OSV
OSV
added 2025/10/16 7:15 p.m.4 views

CVE-2025-11492

In the ConnectWise Automate Agent, communications could be configured to use HTTP instead of HTTPS. In such cases, an on-path threat actor with a man-in-the-middle network position could intercept, modify, or replay agent-server traffic. Additionally, the encryption method used to obfuscate some...

7.5CVSS5.8AI score0.00192EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/16 12:0 a.m.7 views

ConnectWise Automate Agent 安全漏洞

ConnectWise Automate Agent is a remote monitoring and management software from ConnectWise USA. A security vulnerability exists in ConnectWise Automate Agent that stems from not fully verifying the authenticity of files downloaded from a server, which could lead to a man-in-the-middle attack...

8.8CVSS6.9AI score0.00212EPSS
Exploits0References2
Rows per page
Query Builder