[German]Does anyone use software from ConnectWise (e.g. ScreenConnect)? This evening I received an email from a blog reader pointing out an announcement from ConnectWise that is quite urgent. By tomorrow, June 10, 2025, 15:00 CET, users must update the provider's software as the manufacturer is replacing the digital server certificates. There are fears that an attacker could misuse an old digital certificate. Addendum: There is a new date of June 13, 2025.
Advertising
Who is ConnectWise?
ConnectWise Inc is a US software company best known for its software ConnectWise ScreenConnect, formerly Screenconnect. ScreenConnect is a self-hosted remote desktop software application. It was originally developed by Elsinore Technologies in 2008 under the name ScreenConnect and was acquired by ConnectWise Inc.
The company claims to be the leading provider of IT software for the industry. Their products are therefore likely to be in use in many companies.
Security incident in May 2025
However, there was a cyber incident at this provider a few days ago. This can be found in the security notifications section in a message dated May 28, 2025. It states that the company had learned of suspicious activity in the IT environment. It is assumed that state attackers are behind this action. It also states that they are targeting a very small number of ScreenConnect customers. Bleeping Computer has reported about that. ConnectWise had entrusted Mandiant with the forensic analysis of the incident. From this point on, the red lights had to go on for users of the products.
Manufacturer updates server certificates
In the announcement (dated June 9, 2025, 01:42), which can be viewed in the original at the end of the article, ConnectWise informs its partners that they need to update the digital signing certificates used in ConnectWise ScreenConnect, Automate and RMM. The reason is that a third-party vendor has expressed concerns that ScreenConnect could potentially be misused by a malicious actor.
The vendor emphasizes that this exchange is not related to a previous security incident. But there is a risk of potential abuse related to a configuration issue with the ScreenConnect installer. However, exploitation would require access at system level. The announcement states that they are actively working to resolve this issue, but are committed to rotating the certificates on Tuesday, June 10 at 10:00 p.m. ET (3:00 p.m. CET).
Advertising
Software update required
From this point on, old clients of the manufacturer are likely to experience problems with server connections. Customers using the on-premises versions of ScreenConnect or Automate must update them to the latest build immediately.
The ScreenConnect build for on-premise use is in progress and should be available shortly. The manufacturer writes that it must be ensured that all agents have been updated before the specified deadline (June 10, 2025, 22:00 ET, 15:00 CET) in order to avoid interruptions or impairment of use.
Addendum: new date is Friday, June 13 at 8:00 p.m. ET (1:00 pm MEZ), as ConnectWise told users in a new message.
ConnectWise is also in the process of automatically updating the certificates in all cloud instances for Automate and RMM. This includes updating the agents. Further details can be found in the following message. Thanks to the reader for the tip.
Notification from ConnectWise June 9, 2025
We are updating the digital signing certificates used in ConnectWise ScreenConnect, Automate, and RMM due to concerns raised by a third-party researcher about how ScreenConnect could potentially be misused by a bad actor. This potential misuse relates to a configuration handling issue with the ScreenConnect installer which would require system-level access. We are actively working to resolve this issue but are required to rotate our certificates on Tuesday, June 10 at 10:00 p.m. ET.
Addendum: new date is Friday, June 13 at 8:00 p.m. ET. ConnectWise received this extended deadline Monday evening.
This issue is not related to any previous security event. ConnectWise had already planned improvements to certificate management and overall product hardening as part of our ongoing security and reliability initiatives. However, these timelines have been accelerated based on recent requirements.
The following guidelines provide instructions on how to navigate the updates for our on-premises and cloud solutions:
On-Premises Solutions
Customers using on-premises versions of ScreenConnect or Automate must update to the latest build and validate that all agents are updated before Tuesday, June 10 at 10:00 p.m. ET to avoid disruptions or degraded experience.
- The Automate on-premises build is available now.
- The ScreenConnect on-premises build is in progress and will be made available shortly.
We will notify you once the ScreenConnect update is released. In the meantime, please visit our ConnectWise University page for the latest updates, guidance, and download links as they become available.
Partner Town Hall
Join our CEO for a live Partner Town Hall on Monday, June 9 at 3:00 p.m. ET, to discuss the updates and answer your questions. Register here.
Resources Available
For step-by-step instructions on how to update your environment, product version details, and a comprehensive FAQ, please visit our ConnectWise University page. This page will be continuously updated with the latest guidance and answers to common questions.
Cloud Solutions
We are in the process of automatically updating certificates across all cloud instances for Automate and RMM, including agent updates.
- These updates are being deployed progressively. We recommend that you validate that your agents are running the latest version prior to the June 10 deadline to ensure optimal performance.
- You can find guidance and version details on the ConnectWise University page to help confirm your agent updates.
For ScreenConnect cloud instances, we are finalizing the updated build, which will also be deployed automatically once ready. We will communicate additional instructions as soon as the new version is available.
We appreciate your continued partnership and are committed to addressing this matter with urgency and care to ensure minimal impact to your business.
Advertising
