In today’s SensCy Cyber Alert, your SensCy team recommends for ConnectWise Server Backup user to install the latest Software patches for a critical vulnerability impacting Recover and R1Soft Server Backup Manager (SBM). ConnectWise’s advisory notes that the flaw affects Recover v2.9.7 and earlier, as well as R1Soft SBM v6.16.3 and earlier, are impacted by the critical flaw.
SensCy recommends that you identify your Connectwise Server Backup Manager and install the news patches if this vulnerability impacts your SBM.
The Cybersecurity firm Huntress said it identified “upwards of 5,000 exposed server manager backup instances,” There are no evidence that the vulnerability was exploited in the wild, however, it could be abused by threat actors to bypass authentication, gain remote code execution on SBM, and push ransomware packages to all downstream endpoints.
For any additional information and remediation tips please follow this link to the Connectwise website.
Please reach out to SensCy for any additional questions or