CVE-2024-1709

CVSS 3.1 Score 10.0 of 10 (high)

Details

Published Feb 21, 2024

Updated: Feb 23, 2024

CWE ID 288

Summary

CVE-2024-1709 is a newly disclosed vulnerability affecting ConnectWise ScreenConnect versions 23.9.7 and older. This issue involves an Authentication Bypass vulnerability, enabling attackers to bypass the authentication process and gain unauthorized access to confidential information or critical systems. The bypass is achieved through an alternate path or channel, posing a significant security risk. Organizations using ConnectWise ScreenConnect are urged to update to the latest version to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

ConnectWise Control

Affected Vendors

ConnectWise

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/umb8Ac
https://www.cve.org/CVERecord?id=CVE-2024-1709
https://nvd.nist.gov/vuln/detail/CVE-2024-1709

Back to Vulnerability Database