ConnectWise Patches ‘Critical’ Flaw That Could Have Infected 5,000 Servers: Huntress – CRN
‘If we were bad guys we could have reached out to all 5,000 servers and exploited all of them. And not just those individual servers themselves, but also any of the agents that they manage as well,’ Caleb Stewart, a security researcher with Huntress, tells CRN.
ConnectWise on Friday patched a critical software flaw that allowed Huntress researchers to use remote code and push ransomware into approximately 5,000 ConnectWise R1Soft servers.
A ConnectWise partner said the Tampa, Florida-based company remotely fixed the flaw, which is part of the firm’s backup and disaster recovery products.
Huntress CEO Kyle Hanslovan said on LinkedIn that uncovering the flaw began with a researchers’ tweet and snowballed into the “ability to push ransomware through ~5,000 R1 Soft servers.” He appeared caught off guard with ConnectWise announcing the critical flaw on a Friday.
“Whelp, wasn’t expecting this ConnectWise RCE to become public today. Guess we’ll publish on Monday how Huntress went from a…
The post ConnectWise Patches ‘Critical’ Flaw That Could Have Infected 5,000 Servers: Huntress – CRN first appeared on SEO, Marketing and Social News | OneSEOCompany.com.
source: https://news.oneseocompany.com/2022/10/28/connectwise-patches-critical-flaw-that-could-have-infected-5000-servers-huntress-crn_2022102834658.html
Your content is great. However, if any of the content contained herein violates any rights of yours, including those of copyright, please contact us immediately by e-mail at media[@]kissrpr.com.