Comparison Overview

Q: Between ConnectWise company and Upwork company, which one has the best AI Cybersecurity Score ?

Upwork company demonstrates a stronger AI Cybersecurity Score compared to ConnectWise company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Q: Between ConnectWise company and Upwork company, which one has experienced more cyber incidents in the past ?

ConnectWise company has historically faced a number of disclosed cyber incidents, whereas Upwork company has not reported any.

Q: Between ConnectWise company and Upwork company, which one has experienced more cyber incidents this year ?

In the current year, ConnectWise company has reported more cyber incidents than Upwork company.

Q: Between ConnectWise company and Upwork company, which one has experienced at least one ransomware attack ?

ConnectWise company has confirmed experiencing a ransomware attack, while Upwork company has not reported such incidents publicly.

Q: Between ConnectWise company and Upwork company, which one has experienced at least one data breach ?

Neither Upwork company nor ConnectWise company has reported experiencing a data breach publicly.

Q: Between ConnectWise company and Upwork company, which one has experienced at least one targeted cyberattack ?

ConnectWise company has reported targeted cyberattacks, while Upwork company has not reported such incidents publicly.

Q: Between ConnectWise company and Upwork company, which one has experienced at least one vulnerability ?

ConnectWise company has disclosed at least one vulnerability, while Upwork company has not reported such incidents publicly.

Q: Between ConnectWise company and Upwork company, which one holds the most compliance certifications ?

Neither ConnectWise nor Upwork holds any compliance certifications.

Q: Between ConnectWise company and Upwork company, which one has the most subsidiaries ?

Upwork company has more subsidiaries worldwide compared to ConnectWise company.

ConnectWise

400 N Tampa St, Suite 130, Tampa, FL, US, 33602

Last Update: 2025-12-09

View Profile

Between 700 and 749

https://www.connectwise.com/

Born out of a single software solution designed to help MSPs gain control of their help desk and billing, ConnectWise has grown into a robust platform of software built for technology solutions providers (TSPs) to run their entire as-a-service business. With products aiding in business management, remote monitoring and management, remote control and access, quote and proposal automation, and cybersecurity risk assessments, integrations with hundreds of key vendors, plus the largest and most engaged community in the industry, ConnectWise has built a platform for The IT Nation. Our company is powered by our connections, our colleagues and our community. And, we accept all kinds. Game-changers,innovators, culture-lovers - and the humankind. We invite discovery and debate. We recognize key moments as milestones. We see you and value you for your unique contributions. Our inclusive, positive culture lays the foundation to ensure every colleague is valued for their perspectives and skills, giving you the choice of how YOU make a difference.

NAICS: 5112

NAICS Definition: Software Publishers

Employees: 3,454

Subsidiaries: 1

12-month incidents

2

Known data breaches

0

Attack type number

3

View Profile

Upwork

475 Brannan St, San Francisco, California, 94107, US

Last Update: 2025-12-09

Between 800 and 849

https://www.upwork.com/

Upwork is the world’s work marketplace that connects businesses with independent talent from across the globe. We serve everyone from one-person startups to large, Fortune 100 enterprises with a powerful, trust-driven platform that enables companies and talent to work together in new ways that unlock their potential. Our talent community on Upwork encompasses more than 10,000 skills in categories including website & app development, creative & design, customer support, finance & accounting, consulting, and operations.

NAICS: 5112

NAICS Definition: Software Publishers

Employees: 144,138

Subsidiaries: 3

12-month incidents

0

Known data breaches

0

Attack type number

0

ConnectWise

—

ISO 27001

Not verified

—

SOC2 Type 1

Not verified

—

SOC2 Type 2

Not verified

—

GDPR

Not verified

—

PCI DSS

Not verified

—

HIPAA

Not verified

Upwork

—

ISO 27001

Not verified

—

SOC2 Type 1

Not verified

—

SOC2 Type 2

Not verified

—

GDPR

Not verified

—

PCI DSS

Not verified

—

HIPAA

Not verified

Incidents vs Software Development Industry Average (This Year)

ConnectWise has 250.88% more incidents than the average of same-industry companies with at least one recorded incident.

Incidents vs Software Development Industry Average (This Year)

No incidents recorded for Upwork in 2025.

Incident History — ConnectWise (X = Date, Y = Severity)

ConnectWise cyber incidents detection timeline including parent company and subsidiaries

Incident History — Upwork (X = Date, Y = Severity)

Upwork cyber incidents detection timeline including parent company and subsidiaries

ConnectWise

Incidents

Date Detected: 6/2025

Type:Vulnerability

Attack Vector: ViewState Code Injection (CVE-2025-3935), Authentication Bypass (CVE-2021-32030, CVE-2023-39780), OS Injection (CVE-2023-39780)

Motivation: Espionage (Suspected), Botnet Expansion (AyySSHush)

Blog: Blog

Date Detected: 5/2025

Type:Cyber Attack

Blog: Blog

Date Detected: 8/2024

Type:Cyber Attack

Attack Vector: Vulnerability Exploitation

Blog: Blog

Upwork

Incidents

No Incident

Upwork company demonstrates a stronger AI Cybersecurity Score compared to ConnectWise company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

ConnectWise company has historically faced a number of disclosed cyber incidents, whereas Upwork company has not reported any.

In the current year, ConnectWise company has reported more cyber incidents than Upwork company.

ConnectWise company has confirmed experiencing a ransomware attack, while Upwork company has not reported such incidents publicly.

Neither Upwork company nor ConnectWise company has reported experiencing a data breach publicly.

ConnectWise company has reported targeted cyberattacks, while Upwork company has not reported such incidents publicly.

ConnectWise company has disclosed at least one vulnerability, while Upwork company has not reported such incidents publicly.

Neither ConnectWise nor Upwork holds any compliance certifications.

Neither company holds any compliance certifications.

Upwork company has more subsidiaries worldwide compared to ConnectWise company.

Upwork company employs more people globally than ConnectWise company, reflecting its scale as a Software Development.

Neither ConnectWise nor Upwork holds SOC 2 Type 1 certification.

Neither ConnectWise nor Upwork holds SOC 2 Type 2 certification.

Neither ConnectWise nor Upwork holds ISO 27001 certification.

Neither ConnectWise nor Upwork holds PCI DSS certification.

Neither ConnectWise nor Upwork holds HIPAA certification.

Neither ConnectWise nor Upwork holds GDPR certification.

Description

Hitachi Vantara Pentaho Data Integration and Analytics Community Dashboard Framework prior to versions 10.2.0.4, including 9.3.0.x and 8.3.x display the full server stack trace when encountering an error within the GetCdfResource servlet.

Published

Date

2025-12-15

Updated

Date

2025-12-15

Risk Information

cvss3

Base: 5.3

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

References

https://support.pentaho.com/hc/en-us/articles/41833799577741--Resolved-Hitachi-Vantara-Pentaho-Business-Analytics-Server-Generation-of-Error-Message-Containing-Sensitive-Information-Versions-before-10-2-0-4-Impacted-CVE-2025-9122

Description

Pentaho Data Integration and Analytics Community Dashboard Editor plugin versions before 10.2.0.4, including 9.3.0.x and 8.3.x, deserialize untrusted JSON data without constraining the parser to approved classes and methods.

Published

Date

2025-12-15

Updated

Date

2025-12-15

Risk Information

cvss3

Base: 8.8

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

https://support.pentaho.com/hc/en-us/articles/41832536185613--Resolved-Hitachi-Vantara-Pentaho-Business-Analytics-Server-Deserialization-of-Untrusted-Data-Versions-before-10-2-0-4-Impacted-CVE-2025-9121

Description

A security flaw has been discovered in CTCMS Content Management System up to 2.1.2. The impacted element is an unknown function in the library /ctcms/libs/Ct_Config.php of the component Backend System Configuration Module. The manipulation of the argument Cj_Add/Cj_Edit results in code injection. The attack can be executed remotely. The exploit has been released to the public and may be exploited.

Published

Date

2025-12-15

Updated

Date

2025-12-15

Risk Information

cvss2

Base: 5.8

Severity: LOW

AV:N/AC:L/Au:M/C:P/I:P/A:P

cvss3

Base: 4.7

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

cvss4

Base: 5.1

Severity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Description

A vulnerability was identified in CTCMS Content Management System up to 2.1.2. The affected element is the function Save of the file /ctcms/libs/Ct_App.php of the component Backend App Configuration Module. The manipulation of the argument CT_App_Paytype leads to code injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.

Published

Date

2025-12-15

Updated

Date

2025-12-15

Risk Information

cvss2

Base: 5.8

Severity: LOW

AV:N/AC:L/Au:M/C:P/I:P/A:P

cvss3

Base: 4.7

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

cvss4

Base: 5.1

Severity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Description

Weblate is a web based localization tool. In versions prior to 5.15, it was possible to accept an invitation opened by a different user. Version 5.15. contains a patch. As a workaround, avoid leaving one's Weblate sessions with an invitation opened unattended.

Published

Date

2025-12-15

Updated

Date

2025-12-15

Risk Information

cvss4

Base: 1.0

Severity: HIGH

CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Badge your company to reduce your risk score and your cyber insurance costs!

Comparison Overview

ConnectWise

VS

Upwork

ConnectWise

Upwork

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs Software Development Industry Average (This Year)

Incidents vs Software Development Industry Average (This Year)

Incident History — ConnectWise (X = Date, Y = Severity)

Incident History — Upwork (X = Date, Y = Severity)

Notable Incidents

No Incident

FAQ

Latest Global CVEs (Not Company-Specific)

CVE-2025-9122

Risk Information

CVE-2025-9121

Risk Information

CVE-2025-14730

Risk Information

CVE-2025-14729

Risk Information

CVE-2025-64725

Risk Information

Badge your company to reduce your risk score and your cyber insurance costs!

Comparison Overview

ConnectWise

VS

Upwork

ConnectWise

Upwork

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs Software Development Industry Average (This Year)

Incidents vs Software Development Industry Average (This Year)

Incident History — ConnectWise (X = Date, Y = Severity)

Incident History — Upwork (X = Date, Y = Severity)

Notable Incidents

🔒 Incident : Vulnerability CON2251822112925

🔒 Incident : Cyber Attack CON2965729112825

🔒 Incident : Cyber Attack CON454052925

No Incident

FAQ

Between ConnectWise company and Upwork company, which one has the best AI Cybersecurity Score ?

Between ConnectWise company and Upwork company, which one has experienced more cyber incidents in the past ?

Between ConnectWise company and Upwork company, which one has experienced more cyber incidents this year ?

Between ConnectWise company and Upwork company, which one has experienced at least one ransomware attack ?

Between ConnectWise company and Upwork company, which one has experienced at least one data breach ?

Between ConnectWise company and Upwork company, which one has experienced at least one targeted cyberattack ?

Between ConnectWise company and Upwork company, which one has experienced at least one vulnerability ?

Between ConnectWise company and Upwork company, which one holds the most compliance certifications ?

Between ConnectWise company and Upwork company, which one holds the fewest compliance certifications ?

Between ConnectWise company and Upwork company, which one has the most subsidiaries ?

Between ConnectWise company and Upwork company, which one has the largest number of employees ?

Between ConnectWise and Upwork, which company holds both SOC 2 Type 1 certifications ?

Between ConnectWise and Upwork, which company holds both SOC 2 Type 2 certifications ?

Which company is ISO 27001 certified — ConnectWise or Upwork ?

Which company is PCI DSS compliant — ConnectWise or Upwork ?

Between ConnectWise and Upwork, which company complies with HIPAA regulations for healthcare data ?

Between ConnectWise and Upwork, which company complies with GDPR requirements ?

Latest Global CVEs (Not Company-Specific)

CVE-2025-9122

Risk Information

CVE-2025-9121

Risk Information

CVE-2025-14730

Risk Information

CVE-2025-14729

Risk Information

CVE-2025-64725

Risk Information