ConnectWise, a provider of IT management software, released patches for a critical vulnerability that, according to cybersecurity experts, exposes thousands of servers to attack.
The R1Soft server backup manager and ConnectWise Recover backup and disaster recovery software are both impacted by the bug, which is characterized as “improper neutralization of special elements in output used by a downstream component.” A critical remote code execution vulnerability is the problem.
Also Read: Three Strategies for Organizations to Reduce Attack Surfaces and Mitigate Cloud Risk
The vulnerability has been given a priority rating of 1, meaning that it is either being targeted by hackers or is highly likely to be used in the wild. Users of R1Soft are advised to update to version 6.16.4, while those of ConnectWise Recover are urged to update to version 2.9.9.
Read More: Critical ConnectWise Vulnerability Affects Thousands of Internet-Exposed Servers
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.
