New Vulnerabilities in ConnectWise ScreenConnect Massively Exploited by Attackers
Two new vulnerabilities impact ConnectWise ScreenConnect, remote desktop and access software used for support: CVE-2024-1709 and CVE-2024-1708, with the former being particularly dangerous for organizations.
The CVE-2024-1709 vulnerability, which affects ScreenConnect 23.9.7 and prior, allows any remote attacker to bypass authentication to delete the ScreenConnect user database and get control of an admin user.
Most of those instances are running on U.S.-based IP addresses, followed by Canada and the U.K.
How to protect your business from these ConnectWise ScreenConnect exploits.
ConnectWise recommends on-premise partners immediately update ScreenConnect to 23.9.8 or higher to remediate reported vulnerabilities.
ConnectWise has removed license restrictions, so partners no longer under maintenance can upgrade to the latest version of ScreenConnect.
News URL
https://www.techrepublic.com/article/connectwise-screenconnect-vulnerability/
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-02-21 | CVE-2024-1709 | Unspecified vulnerability in Connectwise Screenconnect 22.7/23.8.4/23.8.5. ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an Alternate Path or Channel vulnerability, which may allow an attacker direct access to confidential information or critical systems. | 10.0 |
2024-02-21 | CVE-2024-1708 | Path Traversal vulnerability in Connectwise Screenconnect 22.7/23.8.4/23.8.5. ConnectWise ScreenConnect 23.9.7 and prior are affected by a path-traversal vulnerability, which may allow an attacker the ability to execute remote code or directly impact confidential data or critical systems. | 8.4 |