www.connectwise.com
2606:4700:4400::6812:2188  Public Scan

URL: https://www.connectwise.com/company/trust/advisories
Submission: On June 04 via api from TR — Scanned from DE

Text Content

LATEST ADVISORIES

From time to time, ConnectWise will provide communications on broader
security-related topics that may not be linked to a specific ConnectWise product
or vulnerability, but are still of importance to our partner community.


ACTIVE ADVISORY

 * Unauthenticated access to legacy AWS server located in the EU region
 * ScreenConnect vulnerability CWE-288
 * ScreenConnect 23.9.8 security bulletin
 * How to upgrade on-premise installation
 * Remediation + Hardening Guide (pdf)
 * Download patch
 * FAQ


HELPFUL LINKS

 * Advisories RSS feed link
 * Chrome RSS feed extension
 * Visit our Trust Center
 * See latest security bulletins
 * Check status.connectwise.com
 * Call 1-888-WISE911 to report a security vulnerability
 * Email help@connectwise.com
 * Login and open a ticket on ConnectWise Home
 * Update/check my email preferences

AWS-EU-0321


MARCH 21, 2024 UNAUTHENTICATED ACCESS TO LEGACY AWS SERVER LOCATED IN THE EU
REGION

We want to notify you of a security incident that we are currently
investigating. Our team was notified by a security researcher of a vulnerability
to a single AWS server in our EU environment. This server hosts a legacy service
that we had targeted for deprecation. While our investigation is ongoing, we
wanted to inform you of the potential risk associated with this incident.

INCIDENT DETAILS

Date and time: The vulnerability was initially reported on March 17. On March
18, we mitigated the vulnerability and subsequently, on March 20, we discovered
there was unauthorized access to the AWS server.

Nature of access: The access appears to be unauthenticated, indicating a
potential security breach.

Server location: The compromised single server is a legacy system in the AWS EU
region.

Data at risk: Preliminary investigations suggest that the information viewable
to an unauthorized party would be limited to the email addresses for a subset of
individuals who had authenticated into the EU environment.

ACTIONS TAKEN

Immediate response: Upon detection, our security team initiated immediate
response protocols to contain the incident and mitigate any further potential
risks.

Investigation: Our InfoSec team, working alongside an external forensics firm,
has launched a thorough investigation into the incident to ascertain the extent
of the unauthorized access and any potential malicious activity.

POTENTIAL IMPACT

We are treating this incident seriously and are thoroughly investigating with
our InfoSec team as well as an independent external forensics firm. We believe
that there was a finite amount of information available to be viewed by an
unauthorized party (e.g., email address) and that an unauthorized party would
not be able to expand access beyond the single AWS server.

The service in question is consumed by our legacy Continuum environments;
however, this issue is constrained to our EU implementation only. This service is
not consumed by any of the other product lines such as PSA or Automate.

Throughout the day on March 21, the teams are running additional scans and tests
and partners may experience some intermittent slowness or authentication issues
during those times. We will do our best to limit the partner impact.

NEXT STEPS

We will continue to share updates on the progress of our investigation and
communicate directly to the small number of partners in the EU who may have been
impacted.

SUPPORT

If you need any assistance or have additional questions, please go online
to ConnectWise Home and open a case with our support team
or email help@connectwise.com.

 

We appreciate your continued partnership.

 


MARCH 4, 2024 IMPORTANT UPDATE: HARDENING GUIDELINES FOR CONNECTWISE
SCREENCONNECT CVE-2024-1708 (PATH TRAVERSAL)

ConnectWise published a security bulletin and multiple communications regarding
vulnerabilities found in ConnectWise ScreenConnect™ (CVE-2024-1709,
CVE-2024-1708). As a reminder and as part of the remediation process for on-prem
partners—whether you have patched your server or still need to—it is critical to
assess your systems for signs of impact while upgrading and before bringing any
systems back online. 

If you possess enhanced Windows event logs or endpoint detection and response
(EDR) solutions, thorough investigation should be conducted to identify any
suspicious activity, including evidence of commands run from webshells or other
indicators of compromise. 

In the event that file anomalies or other indicators of compromise are
identified, it is highly recommended to seek assistance from external response
companies specializing in incident response and digital forensics. These
companies possess the expertise necessary to effectively investigate and
remediate security concerns.

Cloud partners 

Cloud partners are remediated against both vulnerabilities reported on February
19. No further action is required from any cloud partner (“screenconnect.com”
cloud and “hostedrmm.com”). 

On-premise partners 

Whether you have patched your server or still need to, it is critical to assess
your systems for signs of impact while upgrading and before bringing any systems
back online. 

Review file system, enhanced Windows event logs or EDR solutions for suspicious
activity, such as webshell commands or other compromise indicators. 

Seek assistance from specialized incident response and forensics firms if
potentially impacted files are identified.

To assist in the remediation and hardening process, we encourage partners to
review and follow the ConnectWise ScreenConnect Remediation and Hardening Guide
by Mandiant for additional protection.  

Within the Mandiant-provided hardening guide, you will find additional
mitigation and steps to check for signs of compromise, such as: 

 * Auditing rogue users, malicious extensions, and additional checks for
   indicators of compromise 
 * Enabling baseline audit and privacy logs 
 * Proxy server and load balance configurations 
 * Restricting Egress 
 * Additional details for restricting permissions 

These steps should be reviewed and implemented after you have upgraded to a
patched version of ScreenConnect. 

We strongly urge all users of ScreenConnect to prioritize the installation of
the latest patch and follow the recommended mitigation and hardening measures
outlined in the provided resources to safeguard their systems against potential
security risks. 

CWE-288


FEBRUARY 21, 2024 CONNECTWISE SCREENCONNECT VULNERABILITY CWE-288: WHAT SHOULD I
DO?

February 29, 2024 update:

Cloud partner summary:

Cloud partners are remediated against both vulnerabilities reported on February
19. No further action is required from any cloud partner (“screenconnect.com”
cloud and “hostedrmm.com”).

On-prem partner summary:

On-prem partners are advised to immediately upgrade to the latest version of
ScreenConnect to remediate against reported vulnerabilities.

Active maintenance

If you are on active maintenance, we strongly recommend upgrading to the most
current release of 23.9.8 or later. Using the most current release of
ScreenConnect includes security updates, bug fixes, and enhancements not found
in older releases.

Off maintenance

ConnectWise has made a patched version, 22.4.20001, available to any
partner regardless of maintenance status as an interim step to mitigate the
vulnerability. If you are not currently under maintenance, please upgrade your
servers to version 22.4.20001 at minimum or to your latest eligible patched
version that includes the remediation for CVE-2024-1709.

Upgrade ScreenConnect to a patched version immediately

1. To upgrade to version 23.9.8 or later, please note there is a specific
upgrade path that must be followed:

2.1 → 2.5 → 3.1 → 4.4 → 5.4 → 19.2 → 22.8 → 23.3 → 23.9.8+

2. If you are not on maintenance and upgrading to 22.4.20001 (or your latest
eligible version), please follow this specified upgrade path: 

2.1 → 2.5 → 3.1 → 4.4 → 5.4 → 19.2 → 22.4.20001

For instructions on how to upgrade your on-premise installation click here.

Addressing license errors

If a license error arises during the upgrade, please stop the four ScreenConnect
services (Session Manager, Security Manager, Web Server, Relay), move the
“License.xml” file from the installation folder “C:\Program Files
(x86)\ScreenConnect\App_Data\License.xml” to another location such as Desktop,
and proceed with the upgrade. After the upgrade is complete, the license key
will need to be re-added by stopping the four services and dropping the file
back into the App_Data folder.

February 21 original advisory:

If you suspect you have been compromised related to the recent ConnectWise
ScreenConnect™ vulnerability (CWE-288), please follow the mitigation steps
below.

1. Upgrade ScreenConnect to the current 23.9.8 version immediately

 * Please note, there is an upgrade path that must be followed*
   2.1 → 2.5 → 3.1 → 4.4 → 5.4 → 19.2 → 22.8 → 23.3 → 23.9
 * Click here to upgrade your on-premise installation

2. If you receive a license error when upgrading, it may be due to a technical
problem on the server, or the license key itself may need to be renewed*.

If the upgrade cannot be completed, please delete the SetupWizard.aspx file out
of the installation folder:
C:\Program Files (x86)\ScreenConnect\SetupWizard.aspx

*Please see the February 29, 2024 advisory update to review the amended upgrade
path and instructions on how to address licensing errors.

3. Identify the issue

 * When compromised, the User.xml file on the ScreenConnect instance is reset
   and replaced with a new file that contains only information about one new
   user
   C:\Program Files (x86)\ScreenConnect\App_Data\User.xml
 * This file can be restored from a backup to get the original users back (if
   applicable)
 * If you don’t have a user backup, the user file can be reset again by
   following the process outlined here.

4. Once you are able to log in, check for malicious commands/tools or
connections.

 * Install the Report Manager extension on the Admin > Extensions page > Browse
   Extension Marketplace button
 * Launch Report Manager from the Admin page > Extras menu (4x boxes lower left
   corner) > Report Manager
 * There are pre-built reports that will export data as a CSV. All reports show
   the last 30 days of data by default (this is dependent on the database
   maintenance plans)
 * Host Session Connections—shows all connections made to devices
 * Queued Commands Example—shows all remote commands run against devices
 * Queued Toolbox Items Example—shows all toolbox items that were queued up
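
The User.xml reset described in step 3 can be checked by comparing the live file with a backup copy. The following is an added example, not ConnectWise code: the `<Users>/<User>/<Name>` layout, the sample user names and the finding codes are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed samples. The <Users>/<User>/<Name> layout is an assumption made
# for this example; compare it with a known-good User.xml before relying on it.
BACKUP_XML = """<Users>
  <User><Name>alice.admin</Name></User>
  <User><Name>bob.tech</Name></User>
  <User><Name>carol.helpdesk</Name></User>
</Users>"""

RESET_XML = """<Users>
  <User><Name>svc_setup01</Name></User>
</Users>"""


def _local(tag):
    """Drop an XML namespace prefix: '{urn:x}User' -> 'User'."""
    return tag.rsplit("}", 1)[-1]


def user_names(xml_text):
    """Return the <Name> of every <User> element in the document."""
    # The file may have been written by an intruder, so refuse DTDs outright
    # instead of letting the parser expand entity declarations.
    if "<!DOCTYPE" in xml_text.upper():
        raise ValueError("DOCTYPE present, refusing to parse")
    names = []
    for element in ET.fromstring(xml_text).iter():
        if _local(element.tag) == "User":
            name = ""
            for child in element:
                if _local(child.tag) == "Name":
                    name = (child.text or "").strip()
            names.append(name)
    return names


def assess_user_store(current_xml, backup_xml=None):
    """Return (code, detail) findings for the live user store.

    SINGLE_USER alone is weak evidence (a small install may really have one
    account). RESET_PATTERN is the condition the advisory describes: every
    backed-up user is gone and one previously unknown user remains.
    """
    try:
        current = user_names(current_xml)
    except (ET.ParseError, ValueError) as exc:
        return [("UNREADABLE", str(exc))]

    findings = []
    if len(current) == 1:
        findings.append(("SINGLE_USER", current[0]))
    if backup_xml is not None:
        backup = user_names(backup_xml)
        missing = sorted(set(backup) - set(current))
        unknown = sorted(set(current) - set(backup))
        if missing:
            findings.append(("USERS_MISSING", ", ".join(missing)))
        if unknown:
            findings.append(("UNKNOWN_USER", ", ".join(unknown)))
        if backup and len(current) == 1 and unknown and len(missing) == len(backup):
            findings.append(("RESET_PATTERN", "all backed-up users replaced by one new user"))
    return findings


if __name__ == "__main__":
    for code, detail in assess_user_store(RESET_XML, BACKUP_XML):
        print(f"{code}: {detail}")
```

Run it against a copy of the file taken from the server rather than the live path, so the evidence is not modified during triage.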

Support

If you need any assistance or have additional questions, please go online
to ConnectWise Home and open a case with our support team
or email help@connectwise.com.

Report a security incident

If you have questions or need to report a security or privacy incident, please
visit our ConnectWise Trust Center. You can also call our Partner InfoSec
Hotline at 1-888-WISE911 to report a non-active security incident or a security
vulnerability. 


FEBRUARY 20, 2024 PATCH IMMEDIATELY—CRITICAL SCREENCONNECT VULNERABILITY

Update: 

Indicators of compromise

Indicators of compromise (IOCs) are signs of malicious activity or threats. These
indicators can be incorporated into your cybersecurity monitoring platform. They
can help you stop a cyberattack that's in progress. Plus, you can use IOCs to
find ways to detect and stop ransomware, malware, and other cyberthreats before
they cause data breaches.

We received updates about compromised accounts that our incident response team has
been able to investigate and confirm. The following IP addresses, which were
recently used by threat actors, are being made available for protection and defense.

IOCs: 

 * 155.133.5.15
 * 155.133.5.14
 * 118.69.65.60

We will continue to update with any further information as it becomes
available. 
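
One way to match the three addresses above against access logs, shown as an added example that is not part of the advisory. The log lines are constructed and their field layout is an assumption. Parsing each token as an IP address avoids the false hit that plain substring search produces on `155.133.5.150`, and still catches IPv4-mapped IPv6 and `ip:port` forms.

```python
import ipaddress
import re

# The three addresses published in this advisory.
IOC_STRINGS = ("155.133.5.15", "155.133.5.14", "118.69.65.60")
IOC_IPS = {ipaddress.ip_address(a) for a in IOC_STRINGS}

# Constructed log lines (generic access-log layout, not a real product format).
SAMPLE_LOG = [
    "2024-02-21 08:14:02 192.0.2.10 GET /Login 200",
    "2024-02-21 08:14:09 155.133.5.15 GET /Login 200",
    "2024-02-21 08:15:30 155.133.5.150 GET /Login 200",        # different host
    "2024-02-21 08:16:44 ::ffff:118.69.65.60 POST /Login 302",  # IPv4-mapped IPv6
    "2024-02-21 08:17:01 src=155.133.5.14:49822 GET /Login 200",
]


def _parse_ip(token):
    """Return the token as an IP address object, or None if it is not one."""
    token = token.strip("[]()\"'.")
    if token.count(":") == 1:          # IPv4 followed by :port
        token = token.split(":", 1)[0]
    try:
        addr = ipaddress.ip_address(token)
    except ValueError:
        return None
    # Dual-stack listeners often log IPv4 clients as ::ffff:a.b.c.d
    if addr.version == 6 and addr.ipv4_mapped is not None:
        return addr.ipv4_mapped
    return addr


def ioc_hits(lines):
    """Return (line_number, address) for every exact IOC address match."""
    hits = []
    for lineno, line in enumerate(lines, 1):
        for token in re.split(r"[\s,;=|]+", line):
            addr = _parse_ip(token)
            if addr in IOC_IPS:
                hits.append((lineno, str(addr)))
    return hits


def substring_hits(lines):
    """Naive comparison kept for contrast: flags any line containing the text."""
    return [n for n, line in enumerate(lines, 1)
            if any(ioc in line for ioc in IOC_STRINGS)]


if __name__ == "__main__":
    print("exact    :", ioc_hits(SAMPLE_LOG))
    print("substring:", substring_hits(SAMPLE_LOG))
```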

 

Original Advisory:

Summary 

At ConnectWise, our top priority is upholding our commitment to deliver and
maintain secure products for our partners. Our team has been working around the
clock to ensure your protection from the issues affecting the latest ConnectWise
ScreenConnect™ vulnerability that was responsibly reported to us through our
vulnerability disclosure process.  

Product(s) impacted 

ConnectWise ScreenConnect™, including ScreenConnect instances co-hosted on
ConnectWise Automate™ cloud servers.  

What we know 

Vulnerabilities were reported February 13, 2024, through our vulnerability
disclosure channel via the ConnectWise Trust Center. There is no evidence that
these vulnerabilities have been exploited in the wild, but immediate action must
be taken by on-premise partners to address these identified security risks.  

Our response 

We have been following our escalated vulnerability response process, and because
of the teams working tirelessly, a patch was made available on February 19,
2024. 

Remediation 

It is strongly recommended that our on-premise partners not wait for a
maintenance window to patch but immediately update to the latest ScreenConnect
version 23.9.8. 

More information on this vulnerability and detailed instructions on patch
availability and how to mitigate the vulnerabilities can be found in this
security bulletin. 

Report a security incident  

If you have additional security-related questions, please
contact security@connectwise.com. To report a security or privacy incident,
please visit the ConnectWise Trust Center. You can report a non-active
security incident, report a security vulnerability, or call our Partner InfoSec
Hotline at 1-888-WISE911.  


FEBRUARY 9, 2024 FORTISIEM CRITICAL VULNERABILITIES AFFECTING CONNECTWISE
CO-MANAGED SIEM POWERED BY STRATOZEN

Fortinet has recently disclosed two critical vulnerabilities in its FortiSIEM
platform (CVE-2024-23108 and CVE-2024-23109), which is used as part of the
ConnectWise Co-Managed SIEM powered by StratoZen security offering. Fortinet is
advising all partners to upgrade to the latest version of FortiSIEM (7.1.3),
which Fortinet just released. Please note that all hosted StratoZen environments
are protected by firewalls that do not allow traffic to the FortiSIEM instances
on the vulnerable service. Nevertheless, out of an abundance of caution,
ConnectWise is upgrading all hosted environments over the next week, and we
strongly recommend all co-managed partners upgrade to the latest version of
FortiSIEM. 

What we know 

The vulnerability is within an API used for communications between FortiSIEM
components. Collectors do not communicate on that API and are not impacted by
the CVE-2024-23108 and CVE-2024-23109 vulnerabilities. ConnectWise does not
allow access to the environments on that API, thus the vulnerability cannot be
directly exploited remotely.

Our response 

All hosted FortiSIEM instances are running behind our firewall that is not
exposing the vulnerable port and service, protecting your instance. In addition,
ConnectWise is upgrading all hosted FortiSIEM instances to the latest version of
7.1.3 over the next week.  

Remediation 

Hosted-StratoZen partners – All FortiSIEM instances are running behind our
firewall that is not exposing the vulnerable port and service. No further
immediate action is needed for hosted environments. 

Co-managed StratoZen partners – If you are a co-managed partner, we advise you
take action immediately to upgrade your FortiSIEM instances to the latest
version (7.1.3). We also encourage you to check your firewall settings to ensure
only necessary ports are open for remote access. Please contact us at
supportdesk@stratozen.com if you need any assistance with upgrading.

Report a security incident 

If you have additional security-related questions, please
contact security@connectwise.com. To report a security or privacy incident,
please visit the ConnectWise Trust Center. You can report a non-active
security incident, report a security vulnerability, or call our Partner InfoSec
Hotline at 1-888-WISE911. 


JANUARY 22, 2024 BRUTE-FORCE ATTEMPTS ON CONNECTWISE SCREENCONNECT

What we know 

Our team recently noticed malicious activity by bad actors attempting
credential-stuffing and brute-force attacks targeting some ConnectWise Automate
partners with ConnectWise ScreenConnect instances. We are pleased to report that
there is no evidence of any unauthorized access, and the security measures we
have in place worked as intended to prevent any breach.  

What should you do? 

If you receive an email notifying you that you or someone in your company has
been locked out of your ScreenConnect account, please make sure you do not click
on any suspicious links and reach out to our support team immediately for
assistance in verifying the legitimacy of the lockout email and restoring access
securely. To contact support, go online to ConnectWise Home and log in to open a
support ticket. 

Preventative security measures 

With the evolving sophistication of cyberattack attempts on the rise globally,
we are keenly aware that this can happen anytime with any product to any
company, large or small. So, it is critically important to maintain a
security-first focus, remain vigilant, and follow best practices to ensure the
ongoing safety and security of your information and systems.  

 * Multi-factor authentication (MFA)
   Implement MFA to add an extra layer of protection. This significantly reduces
   the risk of unauthorized access, even if login credentials are compromised.
   You can find additional resources here and here to learn more about enabling
   MFA on your account.

 * Regular password policy reviews
   Enforce strong password policies for all users. Regularly review and update
   passwords to ensure they meet current security standards. To edit user
   password requirements and configurations, click here. 

 * Employee training and awareness 
   Conduct regular security awareness training for your team to recognize
   phishing attempts and other social engineering tactics. Employees play a
   crucial role in maintaining a secure environment. 

 * Incident response plan
   Develop and regularly update an incident response plan. This ensures a swift
   and coordinated response in the event of a security incident, minimizing
   potential damage. 

By following these best practices and promptly contacting our support team when
needed, we can collectively strengthen our defenses against potential threats. 

Report a security incident 

If you have questions or need to report a security or privacy incident, please
visit our ConnectWise Trust Center. You can also call our Partner InfoSec
Hotline at 1-888-WISE911 to report a non-active security incident or a security
vulnerability.  


OCTOBER 18, 2023 BEWARE THE HOOK: MALICIOUS ACTOR PHISHING EMAIL TARGETING
SCREENCONNECT USERS

What we know

Recently, our ConnectWise Information Security team has identified an increase
in phishing campaigns that attempt to exploit ConnectWise ScreenConnect™ by
mimicking new login alerts to deceive users into sharing their login
credentials. These phishing emails are designed to appear as genuine login
alerts to gain unauthorized access to legitimate ScreenConnect instances. We
know email phishing attacks continue to get more sophisticated, mirroring
authentic messages and web content, so we want to ensure you are informed about
this threat and know how to protect your data and privacy.

A sample of this phishing email is shown in the screenshot below and contains a
“click here” link to a malicious site.  



Please note, ScreenConnect does send legitimate new login alerts via email as
shown in this screenshot. ConnectWise alerts do not have a “click here” link for
any login notifications. If you see a link in your notification, it is not
legitimate.



Our response

With the evolving sophistication of phishing attempts on the rise, a combination
of awareness and vigilance is needed. We encourage you to refresh your users
with some of the standard phishing attack indicators. We also recommend staying
vigilant in looking for clues to avoid mistakenly clicking on nefarious content.
Before clicking, make sure content reflects:

 * Email domains owned by trusted sources
 * Links that go to places you recognize

What should you do?

If you are concerned that you may have been compromised, please follow the steps
in this security alert checklist. We also recommend reviewing the ScreenConnect
security guide and best practices for further securing your instance, as well as
verifying that links, your account ID, and your domain are accurate.

If you have questions, suspect you received a phishing attempt, or need to
report a security or privacy incident, please visit our ConnectWise Trust
Center. You can report a non-active security incident, report a security
vulnerability, or call our Partner InfoSec Hotline at 1-888-WISE911.


OCTOBER 4, 2023 WEBP/LIBWEBP ZERO-DAY VULNERABILITIES

*This advisory has been updated to include the impact to ConnectWise PSA.

Security researchers opened two vulnerabilities relating to maliciously formed
WebP images, which could be used to exploit browsers, as well as the libwebp
library that extends to more than just browsers. The libwebp library is used by
many operating systems and popular applications to render .WebP images.

What we know

The vulnerability, first tracked as CVE-2023-4863, was disclosed by Google as a
vulnerability affecting its Chrome browser. As researchers investigated further,
it was discovered that the vulnerability traced back to the open source libwebp
library, which several vendors rely on and for which they have been releasing
updates.

In connection with this, CVE-2023-5129, which was registered with a critical CVSS
(Common Vulnerability Scoring System) score of 10, has been rejected or
withdrawn since it is a duplicate of CVE-2023-4863. The entry for the latter has
been expanded to include the impact in the libwebp library.

Our response

Our cross-functional teams immediately started conducting comprehensive
assessments of all our applications and systems to identify any potential areas
of risk. Additionally, we have implemented enhanced monitoring measures to
actively track any changes or suspicious activities related to this
vulnerability.

Remediation

Remediation efforts for all identified products have started or have already
been completed. In some cases, they are progressing as planned. In other instances
where the vulnerability exists in independent products we use, we are monitoring
and discussing with vendors to see when a fix would be available to apply.

Remediation to date:

 * ConnectWise ScreenConnect™ v23.7.8 has been released, which disables the use
   of libwebp
 * ITBoost™, a ConnectWise solution, has been remediated and has been released
   into production
 * SLI 3.0 and SLI Insights have been remediated and released into production
 * Remediation efforts for ConnectWise PSA™ are ongoing. In the meantime, please
   consider moving to the web client instead of our thick client to reduce the
   risk of exposure to the vulnerability.
 * BrightGauge™, SmileBack™, ConnectWise CPQ™, ConnectWise Automate™, Asio™
   platform, and security services are not directly impacted by this
   vulnerability

While we are actively addressing this issue in our product suite, we recommend
our partners take precautionary measures to enhance security in their own
environment by ensuring all their applications are up-to-date, regularly checking
for updates, and installing them promptly.  

If you have additional questions, please contact security@connectwise.com. To
report a security or privacy incident, please visit the ConnectWise Trust
Center. You can report a non-active security incident, report a security
vulnerability, or call our Partner InfoSec Hotline at 1-888-WISE911.


APRIL 14, 2023 <4:00PM ET> MICROSOFT MESSAGE QUEUING VULNERABILITY

We have been made aware of a vulnerability affecting Windows Operating Systems
running the Microsoft Message Queuing (MSMQ) service, impacting on-premise
ConnectWise PSA partners. PSA cloud partners remain unaffected.

This vulnerability allows adversaries to exploit TCP port 1801 within
ConnectWise PSA and execute remote code without authorization. While no
immediate threat has been detected, we strongly recommend you take the following
actions immediately to mitigate this vulnerability:

 * Follow the steps outlined in Microsoft’s Mitigations
 * Update with the latest Microsoft patches
 * If you are unable to update with the latest Microsoft patches, as a temporary
   mitigation:
    * Disable the external connection for port 1801

If you have additional questions, please contact security@connectwise.com.


DECEMBER 20, 2022 <6:52 PM ET>: BEST PRACTICE REMINDER - DOWNLOAD FROM TRUSTED
SOURCES

Researchers from ReversingLabs have identified malicious Python packages located
on the popular Python package repository “Python Package Index (PyPI)” posing as
a software development kit (SDK) from SentinelOne.  The package mimics the
legitimate SDK that's offered by SentinelOne to its customers but adds backdoor
and data exfiltration features. 

The full article that includes the writeup and IOCs (data exfiltration IPs and
package SHA1 hashes) can be found at this link, and the ConnectWise Security
Operations Team has been provided the following information from SentinelOne: 

"SentinelOne is aware of the report from Reversing Labs regarding malicious
packages uploaded to the PyPI (Python Package Index) repository misrepresenting
themselves as SentinelOne SDK. 

A malicious Python package was first uploaded to PyPI on Dec 11, 2022, and as of
Dec 13, 2022, the package had been updated 20 times. The report advises that the
package contains a malicious backdoor with a programmatic delay before
activation. We have confirmed that our customers are safe and have not seen any
evidence of compromised clients due to this incident. 

Packages posing as legitimate software and leveraging the PyPI repository are
becoming more common and are part of a trend toward integrating threats into
software supply chains and development pipelines. 

We recommend only using SDK packages provided through the SentinelOne management
console. 

PyPI has removed the malicious package, and we are working to investigate
further." 

As an industry best practice, ConnectWise recommends partners download content
(SDKs, executables, installation packages, etc.) directly from the vendor to
minimize risk and always verify script content prior to execution.  

 


DECEMBER 13, 2022 <11:21 PM ET>: SENTINELONE/AIKIDO VULNERABILITY-ACTION
REQUIRED

Vulnerability Type: Time-of-check Time-of-use (TOCTOU) Race Condition  

Vulnerability Details 
SafeBreach Labs researcher Or Yair uncovered vulnerabilities in several leading
EDR and AV solutions, including SentinelOne, that allow a non-privileged user
to create NTFS reparse points, which create a path that “links” to a different
path. The SentinelOne agent uses Windows functionality to get a path of a file
to mitigate. A malicious actor may replace the path with a different path to a
file to which it does not have privileges. This can potentially turn the agent
into a malicious data wiper.  

Products Impacted  
Microsoft Windows with SentinelOne agents running all versions prior to
22.2.4.558 are vulnerable.  

SentinelOne agents are utilized in the following ConnectWise products:
ConnectWise SentinelOne Control, ConnectWise SentinelOne Complete, ConnectWise
MDR with SentinelOne, and ConnectWise MDR Premium with SentinelOne. 

This exploit was also tested against Defender, Defender for Endpoint, TrendMicro
Apex One, Avast Antivirus, and AVG Antivirus, which were found to be vulnerable.  

Mitigation 
In order to be protected, you are required to install the latest SentinelOne
policy override in version 22.2 SP1 (22.2.4.558) on your Windows agent
endpoints. ConnectWise SOC teams have already updated all the ConnectWise
SentinelOne EDR and MDR consoles with the 22.2.4.558 agent. 

After the updates have been deployed, please verify in the SentinelOne console
if your machine has a pending reboot that needs to be actioned in case this is
required to complete the installation.  

If you have any questions about the updating process, please contact our
security support teams at securitypartnersupport@connectwise.com.   


NOVEMBER 29, 2022 <4:00 PM ET>: REMAINING VIGILANT AGAINST EMAIL PHISHING
ATTEMPTS

We are aware of a phishing campaign that mimics ConnectWise Control New Login
Alert emails and has the potential to lead to unauthorized access to legitimate
Control instances. We know email phishing attacks continue to get more
sophisticated, mirroring legitimate email and web content.

A sample of this phishing email is shown in the screenshot below and contains a
“click here” link to a malicious site. ConnectWise has issued take-down requests
for the malicious site and domains.



If you are concerned that you may have been compromised, please follow the steps
in this security alert checklist. We also recommend reviewing the Control
security guide and best practices for further securing your instance, as well as
verifying that links, your account ID, and your domain are accurate.

Of note, Control does send legitimate New Login Alerts via email as shown in
this screenshot.  The legitimate “click here” link references the aforementioned
security alert checklist that exists as a knowledge base article on our site.



This is a more sophisticated attempt – some of the standard phishing attack
indicators aren’t there, like misplaced graphics, or spelling inconsistencies.
We encourage our partners to stay vigilant in looking for clues to avoid
mistakenly clicking on nefarious content. Before clicking, make sure content
reflects:

 * Email domains owned by trusted sources
 * Links that go to places you recognize

If you have questions, suspect you received a phishing attempt, or need to
report a security or privacy incident, please visit our ConnectWise Trust
Center. You can report a non-active security incident, report a security
vulnerability, or call our Partner InfoSec Hotline at 1-888-WISE911.


MAY 5, 2022 <11:00 AM ET>: EMAIL SECURITY BEST PRACTICES 

We want to provide reminders to our partners about email security best
practices.  

Phishing remains a significant attack vector fronting attack chains in some very
high-profile security incidents.  As such, it is imperative that organizations
implement email security controls to prevent impersonation/spoofing of their
users and domains.  SPF, DKIM, and DMARC provide a layer of protection against
this by working in tandem to authenticate email and helping to ensure that the
sender REALLY is who they say they are.   

SPF, DKIM, and DMARC Defined   

 * SPF (Sender Policy Framework) is an email validation protocol designed to
   detect and block email spoofing. It allows mail exchangers to verify that
   incoming mail from a specific domain comes from an IP Address authorized by
   that domain’s administrators.  
 * DKIM (DomainKeys Identified Mail) utilizes cryptographic signatures by which
   mail service providers can verify the authenticity of the sender.  
 * DMARC (Domain-based Message Authentication, Reporting & Conformance) aligns
   the SPF and DKIM mechanisms and allows organizations to apply policies
   regarding unauthorized use of email domains. 

For more information and details on how to set up/configure SPF/DKIM/DMARC, there
are several good resources available including the following:   

SPF: https://www.proofpoint.com/us/threat-reference/spf 

DKIM: https://www.proofpoint.com/us/threat-reference/dkim 

DMARC: https://www.proofpoint.com/us/threat-reference/dmarc 
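
How the three mechanisms work in tandem, as an added example that is not from ConnectWise or the linked resources. All domains, addresses and records are constructed. The SPF evaluator handles only `ip4`, `ip6` and `all` (no DNS lookups), DKIM verification is taken as an input, and alignment is strict (exact domain match). The third message shows why DMARC alignment matters: it passes SPF and DKIM for a different domain, yet still fails DMARC for the domain shown in the From header.

```python
import ipaddress

# Constructed DNS TXT records for this example.
SPF_RECORDS = {
    "partner.example": "v=spf1 ip4:192.0.2.0/24 -all",
    "bulk.example": "v=spf1 ip4:203.0.113.0/24 -all",
}
DMARC_REJECT = {"_dmarc.partner.example": "v=DMARC1; p=reject; rua=mailto:dmarc@partner.example"}
DMARC_NONE = {"_dmarc.partner.example": "v=DMARC1; p=none"}

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def spf_check(sender_ip, record):
    """Evaluate the ip4/ip6/all mechanisms of one SPF record, left to right."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"
    ip = ipaddress.ip_address(sender_ip)
    for term in terms[1:]:
        qualifier, mech = (term[0], term[1:]) if term[0] in QUALIFIERS else ("+", term)
        name, _, arg = mech.partition(":")
        name = name.lower()
        if name == "all":
            return QUALIFIERS[qualifier]
        if name in ("ip4", "ip6"):
            if ip in ipaddress.ip_network(arg, strict=False):
                return QUALIFIERS[qualifier]
            continue
        raise NotImplementedError(f"{term!r} needs DNS and is outside this example")
    return "neutral"  # nothing matched and there is no 'all'


def dmarc_policy(record):
    """Return the p= value of a DMARC record, or None if it is not one."""
    tags = {}
    for part in record.split(";"):
        key, sep, value = part.partition("=")
        if sep:
            tags[key.strip().lower()] = value.strip().lower()
    return tags.get("p") if tags.get("v") == "dmarc1" else None


def evaluate(msg, spf_records, dmarc_records):
    """Return (dmarc_result, disposition) for one received message."""
    header_from = msg["header_from_domain"]
    spf = spf_check(msg["sender_ip"], spf_records.get(msg["mail_from_domain"], ""))
    # DMARC only counts a pass that is aligned with the visible From domain.
    spf_aligned = spf == "pass" and msg["mail_from_domain"] == header_from
    dkim_aligned = msg["dkim_domain"] == header_from  # verified d= domain or None
    if spf_aligned or dkim_aligned:
        return ("pass", "deliver")
    policy = dmarc_policy(dmarc_records.get("_dmarc." + header_from, ""))
    if policy in ("reject", "quarantine"):
        return ("fail", policy)
    return ("fail", "deliver")  # p=none or no record: reported at most, not blocked


LEGITIMATE = {"sender_ip": "192.0.2.25", "mail_from_domain": "partner.example",
              "header_from_domain": "partner.example", "dkim_domain": "partner.example"}
SPOOF_DIRECT = {"sender_ip": "203.0.113.9", "mail_from_domain": "partner.example",
                "header_from_domain": "partner.example", "dkim_domain": None}
SPOOF_UNALIGNED = {"sender_ip": "203.0.113.9", "mail_from_domain": "bulk.example",
                   "header_from_domain": "partner.example", "dkim_domain": "bulk.example"}

if __name__ == "__main__":
    for label, msg in (("legitimate", LEGITIMATE), ("spoof, direct", SPOOF_DIRECT),
                       ("spoof, unaligned", SPOOF_UNALIGNED)):
        print(label, evaluate(msg, SPF_RECORDS, DMARC_REJECT),
              evaluate(msg, SPF_RECORDS, DMARC_NONE))
```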

Security is a top priority at ConnectWise. Our primary goal is to provide
robust, secure products and services to our partners. We also acknowledge that
no technology is perfect, and ConnectWise believes that working with skilled
security researchers and partners across the globe is crucial in identifying
weaknesses in any technology. If you believe you've found a security issue in
our product or service, we encourage you to notify us via our Vulnerability
Disclosure Program. We welcome working with you to resolve the issue promptly.  

We are proud to be part of a community that remains equally committed to secure
practices. 


JANUARY 31, 2022 <8:00 PM ET>: CONNECTWISE VIRTUAL COMMUNITY UPDATE

We apologize to our partners for the disruption in service last week pertaining
to our virtual community. It is now online, and our product and other teams look
forward to engaging with you.

Like many ConnectWise experiences (e.g. our University) our virtual community
platform leverages SSO to authenticate users and ensure only authorized partners
engage in our community. Our SSO mechanism did its job—only allowing verified
ConnectWise partners to register, accept the terms and conditions and use the
virtual community platform. There was no malicious attack on our SSO
capabilities.

Last week, a valued partner (via our VDP and respected admins of the MSPGeek
community) raised concern about information our virtual community search was
displaying to registered community member partners. Directory search was working
as intended in most cases, but a configuration issue was allowing non-registered
partners to be returned in a search. This information included "first name",
"last name", "company name" (and in some cases, "business title"). Although this
information can easily be obtained via other platforms (like LinkedIn), it
raised understandable partner concern.  Only 15 registered partner members
conducted searches since the community launch, and while we were unable to
validate the results of their searches due to a limitation in our vendor’s API,
we do know that only 18 non-registered partners' "profiles" were viewed by
registered partner members as a result of those searches.

We remediated this issue within hours but took the site down pending a full
review in accordance with our InfoSec policy. No malicious activity was
discovered, no data was lost, and this triggered no data privacy actions in the
jurisdictions involved.

Although a common community feature, partners also expressed concern that a
registered partner community member could conduct a search by "company name". We
understand it is important for partner employees (registered users) to determine
how much or how little information is shared with others in the virtual
community. Here’s what we did:

 * We reconfigured the virtual community to—after authentication—consume only
   basic information about registered users of the virtual community who accept
   the terms of service.
 * Default settings now limit directory search fields to first name and last
   name.
 * Member directory is “on” for registered partner member viewing to help
   deliver the experience TSPs expect when joining a virtual community. However,
   we have set default privacy settings for all registered members such that
   only their first name, last name (and profile photo where uploaded) will
   display when being searched for by members who aren’t their approved
   contacts.
 * Registered members may proactively change the privacy settings associated
   with their user profile to control the level of information that is shared
   with approved contacts or other members. Partners can find more information
   about privacy settings in the Virtual Community FAQs.

As a courtesy, we are notifying the 18 individuals mentioned above and are
reaching out to the 15 partners who conducted searches to gain their assurance
this information will not be used beyond community networking.

Finally, we know it is important to you to hear what we learned from this. Our
beta testing (both internal and with partners) in the 30 days prior did not
expose this configuration issue. This taught us about extra measures we can and
will take in the future; and we have immediately implemented additional
multi-layered testing and QC mechanisms to our processes.  

Transparency on all sides benefits our community. We want to thank the partner
who reported this, and the partners who collaborated with us on this issue. If
you have additional questions about this matter, please contact
security@connectwise.com.

©2024 ConnectWise, LLC. All rights reserved.