Cybersecuritynews
Critical Vulnerability in ConnectWise ScreenConnect Allows Unauthorized Access
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
ConnectWise has released a patch for its ScreenConnect remote support tool to address a critical vulnerability, tracked as CVE-2026-3564, that could allow unauthorized access and privilege escalation. This flaw affects all versions prior to 26.1 and involves the extraction of server-level cryptographic material used for session authentication. Attackers could exploit this vulnerability to hijack sessions and perform unauthorized actions. The National Institute of Standards and Technology (NIST) has classified this vulnerability as critical, indicating a high risk of exploitation in the wild. ConnectWise has urged its customers, particularly managed service providers (MSPs), to upgrade to version 26.1 immediately. While there are claims of past exploitation by state-sponsored actors, ConnectWise currently has no evidence of active exploitation of this specific vulnerability. MSPs managing on-premises deployments must take prompt action to secure their systems. The vulnerability was publicly disclosed on March 17, 2026.
Key Points: • CVE-2026-3564 allows unauthorized access via cryptographic signature verification flaws. • ConnectWise ScreenConnect versions prior to 26.1 are affected and need immediate patching. • No confirmed active exploitation has been reported, but the risk remains high.