UPDATE: Read our full analysis of CVE-2024-1709 & CVE-2024-1708 and detection guidance here.
UPDATE: We have proactively deployed a temporary hotfix to over 1000 vulnerable systems managed by 杏吧传媒. It's crucial people still update to the latest official version ASAP. During research and creation of a Proof-of-Concept exploit to validate the vulnerability, 杏吧传媒 identified a way to temporarily hot-fix vulnerable systems while administrators work to patch their systems.
UPDATE: Detection guidance from 杏吧传媒 has been issued.
杏吧传媒 security researchers successfully created and validated a proof-of-concept exploit for the vulnerabilities referenced in the latest February 19 .
The ConnectWise article indicates the severity as “critical—vulnerabilities that could allow the ability to execute remote code or directly impact confidential data or critical systems.”
杏吧传媒 is in complete agreement with this assessment. They state there is no knowledge of any in-the-wild exploitation, and for this reason, we will not yet share any further details on this threat.
As of 07:00 AM EST, over 8,800 servers are shown as running a vulnerable version on the Censys.io platform.
For Cloud users of ScreenConnect, no action is required on your part—cloud instances have been automatically updated to the latest secure version.
For on-premise users, we offer our strongest recommendation to patch and update to ScreenConnect version 23.9.8 immediately.
We encourage customers and partners to reach out if they need assistance. If you are not currently using 杏吧传媒 EDR, sign up for a free trial, and 杏吧传媒 will monitor for any related activity.