Security News > 2024 > February > ConnectWise urges ScreenConnect admins to patch critical RCE flaw
ConnectWise warned customers to patch their ScreenConnect servers immediately against a maximum severity flaw that can be used in remote code execution attacks.
ConnectWise has yet to assign CVE IDs to the two security flaws that impact all servers running ScreenConnect 23.9.7 and prior.
While ScreenConnect cloud servers hosted on screenconnect.com cloud or hostedrmm.com are already secured against potential attacks, admins using on-premise software are advised to update their servers to ScreenConnect version 23.9.8 immediately.
Shodan also tracks over 7,600 ScreenConnect servers, with only 160 currently running the patched ScreenConnect 23.9.8 version.
Last month, CISA, the NSA, and MS-ISAC issued a joint advisory warning that attackers increasingly use legitimate remote monitoring and management software such as ConnectWise ScreenConnect for malicious purposes.
VMware confirms critical vCenter flaw now exploited in attacks.
News URL
Related news
- Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120) (source)
- MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364) (source)
- Critical PHP RCE vulnerability mass exploited in new attacks (source)
- Choose your own Patch Tuesday adventure: Start with six zero day fixes, or six critical flaws (source)
- Critical RCE flaw in Apache Tomcat actively exploited in attacks (source)
- Infoseccers criticize Veeam over critical RCE vulnerability and a failing blacklist (source)
- Veeam RCE bug lets domain users hack backup servers, patch now (source)
- Critical Ingress NGINX Controller Vulnerability Allows RCE Without Authentication (source)
- CrushFTP: Patch critical vulnerability ASAP! (CVE-2025-2825) (source)
- Still Using an Older Version of iOS or iPadOS? Update Now to Patch These Critical Security Vulnerabilities (source)