Critical Vulnerabilities in ConnectWise ScreenConnect Exploited in Active Attacks
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
ConnectWise ScreenConnect has been compromised by two critical vulnerabilities, CVE-2024-1708 and CVE-2024-1709, which allow attackers to bypass authentication and execute remote code. The vulnerabilities were disclosed on February 19, 2024, with CVE-2024-1709 rated critical (CVSS 10.0) for authentication bypass, and CVE-2024-1708 rated high (CVSS 8.4) for path traversal. Attackers can exploit these vulnerabilities to gain unauthorized access and execute malicious code on affected systems. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2024-1708 to its Known Exploited Vulnerabilities (KEV) catalog on April 28, 2026, confirming active exploitation in the wild. Organizations using versions 23.9.7 and earlier must urgently update to version 23.9.8 to mitigate these threats. The vulnerabilities have been linked to ongoing ransomware campaigns, emphasizing the need for immediate action.
Key Points: • CVE-2024-1708 and CVE-2024-1709 are critical vulnerabilities in ConnectWise ScreenConnect. • CISA confirmed active exploitation of CVE-2024-1708 on April 28, 2026. • Organizations must update to ScreenConnect version 23.9.8 to mitigate these vulnerabilities.