https://www.connectwise.com/company/trust/advisories <p>Communications on broader security related topics that may not be linked to a specific ConnectWise product or vulnerability, but are still of importance to our partner community.</p> en-US Ⓒ ConnectWise 2025, LLC. All rights reserved. Mon, 24 Nov 2025 11:09:11 Z e597a189-70fc-43b2-ae54-2e31d05893da https://www.connectwise.com/company/trust/advisories Salesloft announced a breach impacting their customers with the Salesforce-Drift integration, allowing unauthorized access to customers’ Salesforce data. Drift is an AI chat agent. ConnectWise was impacted along with hundreds of other organizations. No ConnectWise products or services were impacted. No sensitive data was accessed or misused Thu, 25 Sep 2025 04:00:00 Z e597a189-70fc-43b2-ae54-2e31d05893da https://www.connectwise.com/company/trust/advisories Read more in our Advisory post. Wed, 11 Jun 2025 16:00:00 Z e597a189-70fc-43b2-ae54-2e31d05893da https://www.connectwise.com/company/trust/advisories Time sensitive: We are updating the digital signing certificates used in ConnectWise ScreenConnect, Automate, and RMM due to concerns raised by a third-party researcher about how ScreenConnect handled certain configuration data in earlier versions. Read more in our Advisory post. Mon, 09 Jun 2025 04:00:00 Z e597a189-70fc-43b2-ae54-2e31d05893da https://www.connectwise.com/company/trust/advisories ConnectWise recently learned of suspicious activity within our environment, which affected a very small number of ScreenConnect customers. We've implemented enhanced monitoring and hardening measures across our environment and have not observed any further suspicious activity in any customer instances. Read more in our Advisory post. Wed, 28 May 2025 16:00:00 Z e597a189-70fc-43b2-ae54-2e31d05893da https://www.connectwise.com/company/trust/advisories#AWS-EU-0321 ScreenConnect versions 25.2.3 and earlier are impacted. Please see the following bulletin for more information. https://www.connectwise.com/company/trust/security-bulletins/screenconnect-security-patch-2025.4 Thu, 24 Apr 2025 19:00:00 Z e597a189-70fc-43b2-ae54-2e31d05893da https://www.connectwise.com/company/trust/advisories#AWS-EU-0321 Our team was notified by a security researcher of a vulnerability to a single AWS server in our EU environment. This server hosts a legacy service that we had targeted for deprecation. While our investigation is ongoing, we wanted to inform you of the potential risk associated with this incident. Thu, 21 Mar 2024 10:20:00 Z e597a189-70fc-43b2-ae54-2e31d05893da https://www.connectwise.com/company/trust/advisories#AWS-EU-0321 Our team was notified by a security researcher of a vulnerability to a single AWS server in our EU environment. This server hosts a legacy service that we had targeted for deprecation. While our investigation is ongoing, we wanted to inform you of the potential risk associated with this incident. Thu, 21 Mar 2024 10:20:00 Z e597a189-70fc-43b2-ae54-2e31d05893da https://www.connectwise.com/company/trust/advisories We strongly urge all users of ScreenConnect to prioritize the installation of the latest patch and follow the recommended mitigation and hardening measures. Tue, 05 Mar 2024 01:00:00 Z e597a189-70fc-43b2-ae54-2e31d05893da https://www.connectwise.com/company/trust/advisories#CWE-288 If you suspect you have been compromised related to the recent ConnectWise ScreenConnect™ vulnerability (CWE-288), please follow the mitigation steps in this advisory. Tue, 26 Mar 2024 00:00:00 Z e597a189-70fc-43b2-ae54-2e31d05893da https://www.connectwise.com/company/trust/advisories At ConnectWise, our top priority is upholding our commitment to deliver and maintain secure products for our partners. Our team has been working around the clock to ensure your protection from the issues affecting the latest ConnectWise ScreenConnect™ vulnerability. Mon, 01 Jan 2001 05:00:00 Z e597a189-70fc-43b2-ae54-2e31d05893da https://www.connectwise.com/company/trust/advisories Fortinet has recently released two critical vulnerabilities in its FortiSIEM platform, which is used as part of the ConnectWise Co-Managed SIEM powered by StratoZen security offering. ConnectWise is upgrading all hosted environments over the next week, and we strongly recommend all co-managed partners upgrade to the latest version of FortiSIEM. Sat, 10 Feb 2024 03:00:00 Z e597a189-70fc-43b2-ae54-2e31d05893da https://www.connectwise.com/company/trust/advisories Our team recently noticed malicious activity by bad actors attempting credential-stuffing and brute-force attacks targeting some ConnectWise Automate partners with ConnectWise ScreenConnect instances. There is no evidence of any unauthorized access, and the security measures in place worked as intended to prevent any breach. Tue, 23 Jan 2024 02:00:00 Z e597a189-70fc-43b2-ae54-2e31d05893da https://www.connectwise.com/company/trust/advisories ConnectWise Information Security team has identified an increase in phishing campaigns that attempt to exploit ConnectWise ScreenConnect™ by mimicking new login alerts to deceive users into sharing their login credentials. These phishing emails are designed to appear as genuine login alerts to gain unauthorized access to legitimate ScreenConnect instances. We know email phishing attacks continue to get more sophisticated, mirroring authentic messages and web content, so we want to ensure you are informed about this threat and know how to protect your data and privacy. Thu, 19 Oct 2023 00:00:00 Z e597a189-70fc-43b2-ae54-2e31d05893da https://www.connectwise.com/company/trust/advisories *This advisory has been updated to include the impact to ConnectWise PSA.Security researchers opened two vulnerabilities relating to maliciously formed WebP images, which could be used to exploit browsers, as well as the libwebp library that extends to more than just browsers. The libwebp library is used by many operating systems and popular applications to render .webp images. Wed, 30 Nov 2022 02:00:00 Z e597a189-70fc-43b2-ae54-2e31d05893da https://www.connectwise.com/company/trust/advisories This vulnerability allows adversaries to exploit TCP port 1801 within ConnectWise PSA and execute remote code without authorization Sat, 15 Apr 2023 00:00:00 Z e597a189-70fc-43b2-ae54-2e31d05893da https://www.connectwise.com/company/trust/advisories Researchers from ReversingLabs have identified malicious Python packages located on the popular Python package repository “Python Package Index (PyPI)” posing as a software development kit (SDK) from SentinelOne.  The package mimics the legitimate SDK that's offered by SentinelOne to its customers but adds backdoor and data exfiltration features. Wed, 21 Dec 2022 04:52:00 Z e597a189-70fc-43b2-ae54-2e31d05893da https://www.connectwise.com/company/trust/advisories SafeBreach Labs researcher Or Yair uncovered vulnerabilities in several leading EDR and AV solutions, including SentinelOne, that allows a non-privileged user to create NTFS reparse points, which creates a path that “links” to a different path. The SentinelOne agent uses Windows functionality to get a path of a file to mitigate. A malicious actor may replace the path with a different path to a file to which it does not have privileges. This can potentially turn the agent into a malicious data wiper. Wed, 14 Dec 2022 09:21:00 Z e597a189-70fc-43b2-ae54-2e31d05893da https://www.connectwise.com/company/trust/advisories We are aware of a phishing campaign that mimics ConnectWise Control New Login Alert emails and has the potential to lead to unauthorized access to legitimate Control instances. Wed, 30 Nov 2022 02:00:00 Z e597a189-70fc-43b2-ae54-2e31d05893da https://www.connectwise.com/company/trust/advisories Phishing remains a significant attack vector fronting attack chains in some very high-profile security incidents. As such, it is imperative that organizations implement email security controls to prevent impersonation/spoofing of their users and domains. SPF, DKIM, and DMARC provide a layer of protection against this by working in tandem to authenticate email and helping to ensure that the sender REALLY is who they say they are. Thu, 05 May 2022 19:00:00 Z