ConnectWise ScreenConnect vulnerability
This live blog contains information regarding a ConnectWise vulnerability. As soon as we have an update, we’ll add it to this post. More information about possible risks and details can be found at the bottom of this blog.

Last updated on February 22, 2024.
ConnectWise has addressed vulnerabilities in ScreenConnect. ScreenConnect is remote support software that provides remote access to internal systems.
An unauthorized attacker could exploit these vulnerabilities to create a new administrator account and/or execute remote code.
Background
The National Cyber Security Centre (NCSC) has classified this vulnerability as ‘High/High’. The Cybersecurity and Infrastructure Security Agency (CISA) has classified the vulnerabilities with a score of 8.4 under CVE-2024-1708 and 10.0 under CVE-2024-1709. This indicates a high risk of abuse and significant impact.
Risk
The vulnerabilities affect ScreenConnect versions up to and including 23.9.7. The most critical of these vulnerabilities allows an attacker to create a new administrator account and execute arbitrary code. With publicly available exploits, it becomes even easier for malicious actors to carry out attacks.
Advice
For users of the on-premise version of ScreenConnect, it is strongly advised to upgrade to version 23.9.8 as soon as possible. Detailed instructions for the upgrade process can be found in the following guide: https://docs.connectwise.com/ConnectWise_ScreenConnect_Documentation/On-premises/Get_started_with_ConnectWise_ScreenConnect_On-Premise/Upgrade_an_on-premises_installation
To limit the risk of unauthorized modifications within ScreenConnect, it is recommended, if possible, to perform a clean installation of ScreenConnect. This can be done via the following link: https://screenconnect.connectwise.com/download
Users of the cloud version do not need to take any action.