ACTION REQUIRED:
Critical ScreenConnect Vulnerabilities (CVE-2024-1709 & CVE-2024-1708)

ConnectWise ScreenConnect

Authentication Bypass Using an Alternate Path or Channel vulnerability

ConnectWise ScreenConnect 23.9.7 and prior are affected by an authentication bypass using an alternate path or channel vulnerability, which may allow an attacker direct access to confidential information or critical systems.

---

Improper limitation of a pathname to a restricted directory (“path traversal”) Vulnerability

ScreenConnect 23.9.7 and prior are affected by a path-traversal vulnerability, which may allow an attacker the ability to execute remote code or directly impact confidential data or critical systems.

---

Recommended Action

ConnectWise highlights the essential need to respond quickly to reported vulnerabilities, adding, “On-premise partners are advised to immediately upgrade to the latest version of ScreenConnect to remediate against reported vulnerabilities.”

Whereas Cloud partners are remediated against both vulnerabilities reported on February 19.

This suggestion emphasizes the need to take immediate action to protect the security and integrity of ScreenConnect servers for on-premise partners. Additionally, ConnectWise announces the release of ScreenConnect version 23.9.10.8817, which includes several changes targeted at improving the customer experience and resolving the identified vulnerabilities. ConnectWise has also announced the elimination of licensing restrictions, allowing partners not under maintenance to upgrade to the most recent version of ScreenConnect without restriction, demonstrating their commitment to facilitating access to vital security advancements for all partners.

Original Sources

• https://unit42.paloaltonetworks.com/connectwise-threat-brief-cve-2024-1708-cve-2024-1709
• https://www.logpoint.com/en/blog/emerging-threats/screenconnect-authentication-bypass

---