Vulnerability Details CVE-2024-1708
ConnectWise ScreenConnect 23.9.7 and prior are affected by path-traversal vulnerability, which may allow an attacker
the ability to execute remote code or directly impact confidential data or critical systems.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.849
EPSS Ranking 99.4%
CVSS Severity
CVSS v3 Score 8.4
Proposed Action
ConnectWise ScreenConnect contains a path traversal vulnerability which could allow an attacker to execute remote code or directly impact confidential data and critical systems.
Ransomware Campaign
Unknown
References
- https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8
- https://www.huntress.com/blog/a-catastrophe-for-control-understanding-the-screenconnect-authentication-bypass
- https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8
- https://www.huntress.com/blog/a-catastrophe-for-control-understanding-the-screenconnect-authentication-bypass
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-1708
- https://www.microsoft.com/en-us/security/blog/2026/04/06/storm-1175-focuses-gaze-on-vulnerable-web-facing-assets-in-high-tempo-medusa-ransomware-operations/
Products affected by CVE-2024-1708
-
cpe:2.3:a:connectwise:screenconnect:-
-
cpe:2.3:a:connectwise:screenconnect:1.0
-
cpe:2.3:a:connectwise:screenconnect:1.0.12
-
cpe:2.3:a:connectwise:screenconnect:1.1
-
cpe:2.3:a:connectwise:screenconnect:1.2
-
cpe:2.3:a:connectwise:screenconnect:1.3
-
cpe:2.3:a:connectwise:screenconnect:1.4
-
cpe:2.3:a:connectwise:screenconnect:1.5
-
cpe:2.3:a:connectwise:screenconnect:1.6
-
cpe:2.3:a:connectwise:screenconnect:1.7
-
cpe:2.3:a:connectwise:screenconnect:1.8
-
cpe:2.3:a:connectwise:screenconnect:1.9
-
cpe:2.3:a:connectwise:screenconnect:19.0.23665
-
cpe:2.3:a:connectwise:screenconnect:19.1.24566
-
cpe:2.3:a:connectwise:screenconnect:19.2.24707
-
cpe:2.3:a:connectwise:screenconnect:19.3.29493
-
cpe:2.3:a:connectwise:screenconnect:19.4.25759
-
cpe:2.3:a:connectwise:screenconnect:19.5.26194
-
cpe:2.3:a:connectwise:screenconnect:19.6.27027
-
cpe:2.3:a:connectwise:screenconnect:2.0
-
cpe:2.3:a:connectwise:screenconnect:2.1
-
cpe:2.3:a:connectwise:screenconnect:2.2
-
cpe:2.3:a:connectwise:screenconnect:2.3
-
cpe:2.3:a:connectwise:screenconnect:2.4
-
cpe:2.3:a:connectwise:screenconnect:2.5
-
cpe:2.3:a:connectwise:screenconnect:20.1.27036
-
cpe:2.3:a:connectwise:screenconnect:20.10.855
-
cpe:2.3:a:connectwise:screenconnect:20.11.1622
-
cpe:2.3:a:connectwise:screenconnect:20.12.1480
-
cpe:2.3:a:connectwise:screenconnect:20.13.1861
-
cpe:2.3:a:connectwise:screenconnect:20.2.27450
-
cpe:2.3:a:connectwise:screenconnect:20.3.28091
-
cpe:2.3:a:connectwise:screenconnect:20.4.28399
-
cpe:2.3:a:connectwise:screenconnect:20.5.28406
-
cpe:2.3:a:connectwise:screenconnect:20.6.28954
-
cpe:2.3:a:connectwise:screenconnect:20.7.29386
-
cpe:2.3:a:connectwise:screenconnect:20.8.29408
-
cpe:2.3:a:connectwise:screenconnect:20.9.854
-
cpe:2.3:a:connectwise:screenconnect:21..3172
-
cpe:2.3:a:connectwise:screenconnect:21.1.1936
-
cpe:2.3:a:connectwise:screenconnect:21.10.4238
-
cpe:2.3:a:connectwise:screenconnect:21.11.4237
-
cpe:2.3:a:connectwise:screenconnect:21.12.4575
-
cpe:2.3:a:connectwise:screenconnect:21.13.5058
-
cpe:2.3:a:connectwise:screenconnect:21.14.5791
-
cpe:2.3:a:connectwise:screenconnect:21.15.6876
-
cpe:2.3:a:connectwise:screenconnect:21.2.2010
-
cpe:2.3:a:connectwise:screenconnect:21.3.2160
-
cpe:2.3:a:connectwise:screenconnect:21.4.2479
-
cpe:2.3:a:connectwise:screenconnect:21.5.2870
-
cpe:2.3:a:connectwise:screenconnect:21.7.3103
-
cpe:2.3:a:connectwise:screenconnect:21.8.3663
-
cpe:2.3:a:connectwise:screenconnect:21.9.4007
-
cpe:2.3:a:connectwise:screenconnect:22.1.6877
-
cpe:2.3:a:connectwise:screenconnect:22.7
-
cpe:2.3:a:connectwise:screenconnect:23.8.4
-
cpe:2.3:a:connectwise:screenconnect:23.8.5
-
cpe:2.3:a:connectwise:screenconnect:3.0
-
cpe:2.3:a:connectwise:screenconnect:3.1
-
cpe:2.3:a:connectwise:screenconnect:3.2.4415
-
cpe:2.3:a:connectwise:screenconnect:3.3.4664
-
cpe:2.3:a:connectwise:screenconnect:3.4.4855
-
cpe:2.3:a:connectwise:screenconnect:4.0.5552
-
cpe:2.3:a:connectwise:screenconnect:4.1.6060
-
cpe:2.3:a:connectwise:screenconnect:4.2.6403
-
cpe:2.3:a:connectwise:screenconnect:4.3.6563
-
cpe:2.3:a:connectwise:screenconnect:4.4.7175
-
cpe:2.3:a:connectwise:screenconnect:5.0.8132
-
cpe:2.3:a:connectwise:screenconnect:5.1
-
cpe:2.3:a:connectwise:screenconnect:5.2.8724
-
cpe:2.3:a:connectwise:screenconnect:5.3.9074
-
cpe:2.3:a:connectwise:screenconnect:5.4.9849
-
cpe:2.3:a:connectwise:screenconnect:5.5.10444
-
cpe:2.3:a:connectwise:screenconnect:5.6.10957
-
cpe:2.3:a:connectwise:screenconnect:6.0.11622
-
cpe:2.3:a:connectwise:screenconnect:6.1.12292
-
cpe:2.3:a:connectwise:screenconnect:6.2.12963
-
cpe:2.3:a:connectwise:screenconnect:6.3.13446
-
cpe:2.3:a:connectwise:screenconnect:6.4.15787
-
cpe:2.3:a:connectwise:screenconnect:6.5.16479
-
cpe:2.3:a:connectwise:screenconnect:6.6.17808
-
cpe:2.3:a:connectwise:screenconnect:6.7.19864
-
cpe:2.3:a:connectwise:screenconnect:6.8.20068
-
cpe:2.3:a:connectwise:screenconnect:6.9.21870