Vulnerability Details :

CVE-2026-6066

Summary
Assigner: ConnectWise
Assigner Org ID: 7d616e1a-3288-43b1-a0dd-0a65d3e70a49
Published At: 20 Apr, 2026 | 15:26
Updated At: 20 Apr, 2026 | 16:13
Rejected At:

Unencrypted Client‑Server Communication in ConnectWise Automate™ Solution Center

ConnectWise has released a security update for ConnectWise Automate™ that addresses a behavior in the ConnectWise Automate Solution Center where certain client-to-server communications could occur without transport-layer encryption. This could allow network‑based interception of Solution Center traffic in Automate deployments. The issue has been resolved in Automate 2026.4 by enforcing secure communication for affected Solution Center connections.

Common Vulnerabilities and Exposures (CVE)
cve.org
CVE Numbering Authority (CNA)

Affected Products
Vendor: ConnectWise
Product: Automate
Modules: Solution Center
Default Status: unaffected
Affected Versions: All versions prior to 2026.4
Problem Types
Type: CWE
CWE ID: CWE-319
Description: CWE-319 Cleartext transmission of sensitive information
Metrics
Version: 3.1
Base score: 7.1
Base severity: HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
Impacts
CAPEC ID: CAPEC-117
Description: CAPEC-117 Interception
Solutions

Remediation

Cloud: No action is required.

On-Premise: Apply the 2026.4 release. For instruction on updating to the newest release, please reference this doc: Automate Release Notes Version 2026 - ConnectWise https://docs.connectwise.com/ConnectWise_Automate_Documentation/100/Automate_Release_Notes_Version_2026

After applying the update, on-premises customers must ensure the following configurations are in place:
  • An SSL certificate is bound to the Solution Center on port 8484 to establish secure communication. Refer to the ConnectWise documentation for configuration steps: Solution Center Client and Service HTTPS Update - ConnectWise
  • In some environments, antivirus or endpoint protection products may interfere with the Automate patch installer or service behavior during upgrades. If issues are encountered during installation or startup, refer to the ConnectWise documentation for recommended antivirus exclusions: Automate Antivirus Exclusions for Windows https://docs.connectwise.com/ConnectWise_Automate_Documentation/060/040/010
  • Ensure that the LTShare has a minimum of 1 GB of free disk space prior to installation.

If you experience issues completing the update or required configuration steps, please contact ConnectWise Support for assistance.

References
Hyperlink: https://www.connectwise.com/company/trust/security-bulletins/2026-04-20-connectwise-automate-bulletin
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Information is not available yet
National Vulnerability Database (NVD)
nvd.nist.gov
Source: 7d616e1a-3288-43b1-a0dd-0a65d3e70a49
Published At: 20 Apr, 2026 | 16:16
Updated At: 23 Apr, 2026 | 14:18

CISA Catalog
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
Type: Secondary
Version: 3.1
Base score: 7.1
Base severity: HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
CPE Matches

connectwise >> automate >> Versions before 2026.4 (exclusive)
cpe:2.3:a:connectwise:automate:*:*:*:*:*:*:*:*
Weaknesses
CWE ID: CWE-319
Type: Secondary
Source: 7d616e1a-3288-43b1-a0dd-0a65d3e70a49
References
Hyperlink: https://www.connectwise.com/company/trust/security-bulletins/2026-04-20-connectwise-automate-bulletin
Source: 7d616e1a-3288-43b1-a0dd-0a65d3e70a49
Resource: Vendor Advisory

Similar CVEs

3 Records found

CVE-2023-23130
Matching Score: 6
Assigner: MITRE Corporation
CVSS Score: 5.9 | MEDIUM
EPSS: 0.17% / 37.20%
7 Day CHG: ~0.00%
Published: 01 Feb, 2023 | 00:00
Updated: 02 Aug, 2024 | 11:15
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available

Connectwise Automate 2022.11 is vulnerable to Cleartext authentication. Authentication is being done via HTTP (cleartext) with SSL disabled. NOTE: the vendor's position is that, by design, this is controlled by a configuration option in which a customer can choose to use HTTP (rather than HTTPS) during troubleshooting.

Action: Not Available
Vendor: connectwise, n/a
Product: automate, n/a
CWE ID: CWE-319 Cleartext Transmission of Sensitive Information

CVE-2025-11492
Matching Score: 6
Assigner: ConnectWise LLC
CVSS Score: 9.6 | CRITICAL
EPSS: 0.01% / 0.80%
7 Day CHG: ~0.00%
Published: 16 Oct, 2025 | 18:59
Updated: 26 Feb, 2026 | 16:57
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available

HTTP Configuration and Encryption in Transit

In the ConnectWise Automate Agent, communications could be configured to use HTTP instead of HTTPS. In such cases, an on-path threat actor with a man-in-the-middle network position could intercept, modify, or replay agent-server traffic. Additionally, the encryption method used to obfuscate some communications over the HTTP channel is updated in the Automate 2025.9 patch to enforce HTTPS for all agent communications.

Action: Not Available
Vendor: connectwise, ConnectWise
Product: automate, Automate
CWE ID: CWE-319 Cleartext Transmission of Sensitive Information

CVE-2025-10641
Matching Score: 4
Assigner: SEC Consult Vulnerability Lab
CVSS Score: 7.1 | HIGH
EPSS: 0.02% / 6.42%
7 Day CHG: ~0.00%
Published: 21 Oct, 2025 | 11:48
Updated: 03 Nov, 2025 | 18:15
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available

Unencrypted cleartext communication in EfficientLab WorkExaminer Professional

All WorkExaminer Professional traffic between monitoring client, console and server is transmitted as plain text. This allows an attacker with access to the network to read the transmitted sensitive data. An attacker can also freely modify the data on the wire. The monitoring clients transmit their data to the server using the unencrypted FTP. Clients connect to the FTP server on port 12304 and transmit the data unencrypted. In addition, all traffic between the console client and the server at port 12306 is unencrypted.

Action: Not Available
Vendor: EfficientLab
Product: WorkExaminer Professional
CWE ID: CWE-319 Cleartext Transmission of Sensitive Information