CVE-2024-1709
10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an Alternate Path or Channel
vulnerability, which may allow an attacker direct access to confidential information or
critical systems.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| ConnectWise | ScreenConnect | 0 <= 23.9.7 | affected |
Weaknesses
- CWE-288: CWE-288 Authentication bypass using an alternate path or channel
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: active
- Automatable: yes
- Technical Impact: total
Additional References
CVE Program Container
Additional References
- https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8
- https://www.huntress.com/blog/vulnerability-reproduced-immediately-patch-screenconnect-23-9-8
- https://www.huntress.com/blog/detection-guidance-for-connectwise-cwe-288-2
- https://www.bleepingcomputer.com/news/security/connectwise-urges-screenconnect-admins-to-patch-critical-rce-flaw/
- https://github.com/watchtowrlabs/connectwise-screenconnect_auth-bypass-add-user-poc
- https://github.com/rapid7/metasploit-framework/pull/18870
- https://www.horizon3.ai/attack-research/red-team/connectwise-screenconnect-auth-bypass-deep-dive/
- https://techcrunch.com/2024/02/21/researchers-warn-high-risk-connectwise-flaw-under-attack-is-embarrassingly-easy-to-exploit/
- https://www.securityweek.com/connectwise-confirms-screenconnect-flaw-under-active-exploitation/
- https://www.huntress.com/blog/a-catastrophe-for-control-understanding-the-screenconnect-authentication-bypass
References
- https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8
- https://www.huntress.com/blog/vulnerability-reproduced-immediately-patch-screenconnect-23-9-8
- https://www.huntress.com/blog/detection-guidance-for-connectwise-cwe-288-2
- https://www.bleepingcomputer.com/news/security/connectwise-urges-screenconnect-admins-to-patch-critical-rce-flaw/
- https://github.com/watchtowrlabs/connectwise-screenconnect_auth-bypass-add-user-poc
- https://github.com/rapid7/metasploit-framework/pull/18870
- https://www.horizon3.ai/attack-research/red-team/connectwise-screenconnect-auth-bypass-deep-dive/
- https://techcrunch.com/2024/02/21/researchers-warn-high-risk-connectwise-flaw-under-attack-is-embarrassingly-easy-to-exploit/
- https://www.securityweek.com/connectwise-confirms-screenconnect-flaw-under-active-exploitation/
- https://www.huntress.com/blog/a-catastrophe-for-control-understanding-the-screenconnect-authentication-bypass
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.