Vulnerability Details CVE-2024-1709
ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an Alternate Path or Channel
vulnerability, which may allow an attacker direct access to confidential information or
critical systems.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.943
EPSS Ranking 99.9%
CVSS Severity
CVSS v3 Score 10.0
Proposed Action
ConnectWise ScreenConnect contains an authentication bypass vulnerability that allows an attacker with network access to the management interface to create a new, administrator-level account on affected devices.
Ransomware Campaign
Known
References
- https://github.com/rapid7/metasploit-framework/pull/18870
- https://github.com/watchtowrlabs/connectwise-screenconnect_auth-bypass-add-user-poc
- https://techcrunch.com/2024/02/21/researchers-warn-high-risk-connectwise-flaw-under-attack-is-embarrassingly-easy-to-exploit/
- https://www.bleepingcomputer.com/news/security/connectwise-urges-screenconnect-admins-to-patch-critical-rce-flaw/
- https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8
- https://www.horizon3.ai/attack-research/red-team/connectwise-screenconnect-auth-bypass-deep-dive/
- https://www.huntress.com/blog/a-catastrophe-for-control-understanding-the-screenconnect-authentication-bypass
- https://www.huntress.com/blog/detection-guidance-for-connectwise-cwe-288-2
- https://www.huntress.com/blog/vulnerability-reproduced-immediately-patch-screenconnect-23-9-8
- https://www.securityweek.com/connectwise-confirms-screenconnect-flaw-under-active-exploitation/
- https://github.com/rapid7/metasploit-framework/pull/18870
- https://github.com/watchtowrlabs/connectwise-screenconnect_auth-bypass-add-user-poc
- https://techcrunch.com/2024/02/21/researchers-warn-high-risk-connectwise-flaw-under-attack-is-embarrassingly-easy-to-exploit/
- https://www.bleepingcomputer.com/news/security/connectwise-urges-screenconnect-admins-to-patch-critical-rce-flaw/
- https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8
- https://www.horizon3.ai/attack-research/red-team/connectwise-screenconnect-auth-bypass-deep-dive/
- https://www.huntress.com/blog/a-catastrophe-for-control-understanding-the-screenconnect-authentication-bypass
- https://www.huntress.com/blog/detection-guidance-for-connectwise-cwe-288-2
- https://www.huntress.com/blog/vulnerability-reproduced-immediately-patch-screenconnect-23-9-8
- https://www.securityweek.com/connectwise-confirms-screenconnect-flaw-under-active-exploitation/
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-1709
Products affected by CVE-2024-1709
-
cpe:2.3:a:connectwise:screenconnect:-
-
cpe:2.3:a:connectwise:screenconnect:1.0
-
cpe:2.3:a:connectwise:screenconnect:1.0.12
-
cpe:2.3:a:connectwise:screenconnect:1.1
-
cpe:2.3:a:connectwise:screenconnect:1.2
-
cpe:2.3:a:connectwise:screenconnect:1.3
-
cpe:2.3:a:connectwise:screenconnect:1.4
-
cpe:2.3:a:connectwise:screenconnect:1.5
-
cpe:2.3:a:connectwise:screenconnect:1.6
-
cpe:2.3:a:connectwise:screenconnect:1.7
-
cpe:2.3:a:connectwise:screenconnect:1.8
-
cpe:2.3:a:connectwise:screenconnect:1.9
-
cpe:2.3:a:connectwise:screenconnect:19.0.23665
-
cpe:2.3:a:connectwise:screenconnect:19.1.24566
-
cpe:2.3:a:connectwise:screenconnect:19.2.24707
-
cpe:2.3:a:connectwise:screenconnect:19.3.29493
-
cpe:2.3:a:connectwise:screenconnect:19.4.25759
-
cpe:2.3:a:connectwise:screenconnect:19.5.26194
-
cpe:2.3:a:connectwise:screenconnect:19.6.27027
-
cpe:2.3:a:connectwise:screenconnect:2.0
-
cpe:2.3:a:connectwise:screenconnect:2.1
-
cpe:2.3:a:connectwise:screenconnect:2.2
-
cpe:2.3:a:connectwise:screenconnect:2.3
-
cpe:2.3:a:connectwise:screenconnect:2.4
-
cpe:2.3:a:connectwise:screenconnect:2.5
-
cpe:2.3:a:connectwise:screenconnect:20.1.27036
-
cpe:2.3:a:connectwise:screenconnect:20.10.855
-
cpe:2.3:a:connectwise:screenconnect:20.11.1622
-
cpe:2.3:a:connectwise:screenconnect:20.12.1480
-
cpe:2.3:a:connectwise:screenconnect:20.13.1861
-
cpe:2.3:a:connectwise:screenconnect:20.2.27450
-
cpe:2.3:a:connectwise:screenconnect:20.3.28091
-
cpe:2.3:a:connectwise:screenconnect:20.4.28399
-
cpe:2.3:a:connectwise:screenconnect:20.5.28406
-
cpe:2.3:a:connectwise:screenconnect:20.6.28954
-
cpe:2.3:a:connectwise:screenconnect:20.7.29386
-
cpe:2.3:a:connectwise:screenconnect:20.8.29408
-
cpe:2.3:a:connectwise:screenconnect:20.9.854
-
cpe:2.3:a:connectwise:screenconnect:21..3172
-
cpe:2.3:a:connectwise:screenconnect:21.1.1936
-
cpe:2.3:a:connectwise:screenconnect:21.10.4238
-
cpe:2.3:a:connectwise:screenconnect:21.11.4237
-
cpe:2.3:a:connectwise:screenconnect:21.12.4575
-
cpe:2.3:a:connectwise:screenconnect:21.13.5058
-
cpe:2.3:a:connectwise:screenconnect:21.14.5791
-
cpe:2.3:a:connectwise:screenconnect:21.15.6876
-
cpe:2.3:a:connectwise:screenconnect:21.2.2010
-
cpe:2.3:a:connectwise:screenconnect:21.3.2160
-
cpe:2.3:a:connectwise:screenconnect:21.4.2479
-
cpe:2.3:a:connectwise:screenconnect:21.5.2870
-
cpe:2.3:a:connectwise:screenconnect:21.7.3103
-
cpe:2.3:a:connectwise:screenconnect:21.8.3663
-
cpe:2.3:a:connectwise:screenconnect:21.9.4007
-
cpe:2.3:a:connectwise:screenconnect:22.1.6877
-
cpe:2.3:a:connectwise:screenconnect:22.7
-
cpe:2.3:a:connectwise:screenconnect:23.8.4
-
cpe:2.3:a:connectwise:screenconnect:23.8.5
-
cpe:2.3:a:connectwise:screenconnect:3.0
-
cpe:2.3:a:connectwise:screenconnect:3.1
-
cpe:2.3:a:connectwise:screenconnect:3.2.4415
-
cpe:2.3:a:connectwise:screenconnect:3.3.4664
-
cpe:2.3:a:connectwise:screenconnect:3.4.4855
-
cpe:2.3:a:connectwise:screenconnect:4.0.5552
-
cpe:2.3:a:connectwise:screenconnect:4.1.6060
-
cpe:2.3:a:connectwise:screenconnect:4.2.6403
-
cpe:2.3:a:connectwise:screenconnect:4.3.6563
-
cpe:2.3:a:connectwise:screenconnect:4.4.7175
-
cpe:2.3:a:connectwise:screenconnect:5.0.8132
-
cpe:2.3:a:connectwise:screenconnect:5.1
-
cpe:2.3:a:connectwise:screenconnect:5.2.8724
-
cpe:2.3:a:connectwise:screenconnect:5.3.9074
-
cpe:2.3:a:connectwise:screenconnect:5.4.9849
-
cpe:2.3:a:connectwise:screenconnect:5.5.10444
-
cpe:2.3:a:connectwise:screenconnect:5.6.10957
-
cpe:2.3:a:connectwise:screenconnect:6.0.11622
-
cpe:2.3:a:connectwise:screenconnect:6.1.12292
-
cpe:2.3:a:connectwise:screenconnect:6.2.12963
-
cpe:2.3:a:connectwise:screenconnect:6.3.13446
-
cpe:2.3:a:connectwise:screenconnect:6.4.15787
-
cpe:2.3:a:connectwise:screenconnect:6.5.16479
-
cpe:2.3:a:connectwise:screenconnect:6.6.17808
-
cpe:2.3:a:connectwise:screenconnect:6.7.19864
-
cpe:2.3:a:connectwise:screenconnect:6.8.20068
-
cpe:2.3:a:connectwise:screenconnect:6.9.21870