Introduction
Managed service providers relying on ConnectWise Automate to orchestrate thousands of endpoints now face a new integrity verification gap in the agent's plugin loading and self update mechanisms. CVE-2026-9089, disclosed on May 21, 2026, carries a CVSS score of 8.8 and could allow an adjacent network attacker to substitute malicious components without needing any privileges or user interaction.
ConnectWise Automate is a remote monitoring and management (RMM) platform designed for enterprise scale managed service providers managing thousands of endpoints across complex organizational structures. It offers deep scripting engines and automation capabilities, making it a cornerstone tool in the MSP ecosystem. Because the Automate agent operates with high privileges across vast endpoint fleets, any vulnerability in its update or loading pipeline carries a significant blast radius.
Technical Information
CVE-2026-9089 falls under CWE-494: Download of Code Without Integrity Check. The core issue is that the ConnectWise Automate Agent does not fully verify the authenticity of components obtained during two critical operations: plugin loading and self update. Under certain conditions, components obtained during these operations may be processed without full integrity verification prior to loading.
CVSS Vector Breakdown
The full CVSS 3.1 vector is CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, which breaks down as follows:
| Metric | Value | Implication |
|---|---|---|
| Attack Vector | Adjacent (AV:A) | Attacker must be on the local network or a shared physical/logical network segment |
| Attack Complexity | Low (AC:L) | No special conditions or race conditions required |
| Privileges Required | None (PR:N) | No authentication needed |
| User Interaction | None (UI:N) | No victim action required |
| Scope | Unchanged (S:U) | Impact is confined to the vulnerable component's security scope |
| Confidentiality | High (C:H) | Full read access to the compromised endpoint |
| Integrity | High (I:H) | Full write access, including code execution |
| Availability | High (A:H) | Complete disruption of the endpoint is possible |
Attack Flow
Based on the architectural behavior described in the public security bulletin, the exploitation path follows this general sequence:
-
The attacker positions themselves on the same network segment as the target endpoint running the ConnectWise Automate Agent. This could be a shared LAN, VLAN, or other adjacent network topology.
-
The Automate Agent initiates a plugin loading or self update operation. During this process, the agent retrieves components (plugins or update binaries) from a source.
-
Because the agent does not fully verify the authenticity of these components, the attacker can intercept or substitute the legitimate components with malicious payloads. The adjacent network position enables techniques such as ARP spoofing or other local network manipulation to redirect or tamper with the component delivery.
-
The agent loads the substituted malicious component without detecting the tampering, resulting in code execution with the privileges of the Automate Agent process.
-
Given the high privilege level at which RMM agents typically operate, successful exploitation yields full compromise of the endpoint: complete access to data (confidentiality), the ability to modify system state (integrity), and the ability to disrupt operations (availability).
Limitations of Current Analysis
Public disclosures do not include specific proof of concept exploits, detailed indicators of compromise, or exact file paths affected by this vulnerability. Detailed remediation instructions and release notes are restricted behind a vendor single sign on portal. Our analysis is therefore limited to the architectural behavior described in the public security bulletin.
Affected Systems and Versions
All versions of ConnectWise Automate prior to version 2026.5 are affected. The fix is included in the Automate 2026.5 release.
| Deployment Type | Status | Action Required |
|---|---|---|
| Cloud Instances | Already updated to Automate 2026.5 | Verify version; no manual action needed |
| On Premises Instances | Vulnerable if running any version prior to 2026.5 | Apply the 2026.5 release within 30 days of the bulletin |
ConnectWise has assigned this vulnerability an "Important" severity rating with a "Priority 2 Moderate" status, indicating that while the risk is elevated, exploits are neither known nor anticipated to be imminent.
Defense in Depth Recommendations
While specific workarounds for CVE-2026-9089 are not detailed in the current bulletin, a similar past vulnerability in Automate (CVE-2025-11493) also involved a lack of integrity checks when downloading code. For that vulnerability, ConnectWise advised that partners running on premises servers should enforce HTTPS for all agent communications and ensure TLS 1.2 is enforced to maintain secure communications and mitigate interception attacks. Organizations should ensure these transport layer security measures remain active as a complementary defense.
Vendor Security History
ConnectWise has had to address multiple high severity issues across its product suite in recent months, with a recurring theme around cryptographic and integrity verification failures:
| Date | Product | CVE | Summary |
|---|---|---|---|
| 2025 | Automate 2025.9 | CVE-2025-11493 | Lack of integrity checks when downloading code, allowing potential interception attacks |
| March 17, 2026 | ScreenConnect 26.1 | CVE-2026-3564 | Issues related to how server level cryptographic material is protected |
| May 21, 2026 | Automate 2026.5 | CVE-2026-9089 | Agent does not fully verify the authenticity of components during plugin loading and self update |
The recurrence of CWE-494 specifically in the Automate product line (both CVE-2025-11493 and CVE-2026-9089) suggests an architectural pattern in how the agent handles component retrieval and validation that has required multiple rounds of remediation. Organizations using ConnectWise products on premises should factor this history into their patch prioritization and consider whether additional network segmentation or monitoring around agent update traffic is warranted.
Current Threat Landscape
As of publication, there is no evidence of active exploitation. ConnectWise explicitly states that exploits are neither known nor anticipated to be imminent. CISA added seven new vulnerabilities to its Known Exploited Vulnerabilities Catalog on May 20, 2026, but CVE-2026-9089 is not among them. Current intelligence supports treating this as a high priority patch cycle rather than an active incident response scenario. Organizations should continue to monitor threat feeds for any changes to this assessment.
References
- ConnectWise Automate 2026.5 Security Bulletin
- NVD Entry for CVE-2026-9089
- NVD Entry for CVE-2025-11493
- SecurityWeek: ConnectWise Patches Critical Flaw in Automate RMM Tool
- ConnectWise Security Bulletins Index
- ConnectWise ScreenConnect 26.1 Security Bulletin
- CISA: Adds Seven Known Exploited Vulnerabilities to Catalog (May 20, 2026)



