CISA Adds ConnectWise ScreenConnect Known Exploited Vulnerability - 20240221004
Overview
ConnectWise has reported two critical vulnerabilities in ScreenConnect, one of which is being exploited. Exploitation could allow remote code execution or directly impact confidential data or critical systems.
What is vulnerable?
Product(s) Affected | CVE | Severity | CVSS | Updated | Exploited |
---|---|---|---|---|---|
ConnectWise ScreenConnect versions before 23.9.7 affected by path-traversal vulnerability | CVE-2024-1708 | High | 8.4 | 22/02/2024 | No |
ConnectWise ScreenConnect versions before 23.9.7 affected by an Authentication Bypass Using an Alternate Path or Channel vulnerability | CVE-2024-1709 | Critical | 10.0 | 22/02/2024 | Yes |
What has been observed?
CISA has added this vulnerability to its Known Exploited Vulnerabilities catalog. There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing.
Recommendations
The WA SOC recommends that agencies upgrade to version 23.9.8 and proactively engage with vendor management/supply chain on patching these services (refer to Patch Management):