HTTP Configuration and Encryption in Transit_CVE-2025-11492

9.6 / 10

CRITICAL

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Description

In the ConnectWise Automate Agent, communications could be configured to use HTTP instead of HTTPS. In such cases, an on-path threat actor with a man-in-the-middle network position could intercept, modify, or replay agent-server traffic. Additionally, the encryption method used to obfuscate some communications over the HTTP channel is updated in the Automate 2025.9 patch to enforce HTTPS for all agent communications.

Basic Information

ID CVE-2025-11492

Source ConnectWise

Published Oct 16, 2025 at 18:59

Affected Product

Vendor ConnectWise

Product Automate

Version All versions prior to 2025.9

Affected Versions ConnectWise Automate All versions prior to 2025.9

CWE Classification

CWE-319

References

www.connectwise.com /company/trust/security-bulletins/connectwise-automate-2025.9-security-fix

{
    "lastseen": "",
    "description": "In the ConnectWise Automate Agent, communications could be configured to use HTTP instead of HTTPS. In such cases, an on-path threat actor with a man-in-the-middle network position could intercept, modify, or replay agent-server traffic. Additionally, the encryption method used to obfuscate some communications over the HTTP channel is updated in the Automate 2025.9 patch to enforce HTTPS for all agent communications.",
    "published": "2025-10-16T18:59:35.285Z",
    "modified": "2025-10-16T18:59:35.285Z",
    "type": "cve",
    "title": "HTTP Configuration and Encryption in Transit",
    "source": "ConnectWise",
    "references": "https://www.connectwise.com/company/trust/security-bulletins/connectwise-automate-2025.9-security-fix",
    "id": "CVE-2025-11492",
    "bulletinFamily": "",
    "cwe": [
        "CWE-319"
    ],
    "cvelist": null,
    "sourceData": "ConnectWise Automate All versions prior to 2025.9",
    "sourceHref": "",
    "cvss": {
        "score": 9.6,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Automate",
    "version": "All versions prior to 2025.9",
    "vendor": "ConnectWise",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}