Multiple vulnerabilities in ConnectWise ScreenConnect



Published: 2024-02-21 | Updated: 2024-04-05
Risk Critical
Patch available YES
Number of vulnerabilities 2
CVE-ID CVE-2024-1709
CVE-2024-1708
CWE-ID CWE-288
CWE-22
Exploitation vector Network
Public exploit Vulnerability #1 is being exploited in the wild.
Public exploit code for vulnerability #2 is available.
Vulnerable software
Subscribe 		ScreenConnect
Client/Desktop applications / Software for system administration

Vendor ConnectWise

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Authentication bypass using an alternate path or channel

EUVDB-ID: #VU86688

Risk: Critical

CVSSv3.1: 9.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C]

CVE-ID: CVE-2024-1709

CWE-ID: CWE-288 - Authentication Bypass Using an Alternate Path or Channel

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to bypass authentication.

The vulnerability exists due to improper authentication. A remote non-authenticated attacker can bypass authentication process and gain full access to the system.

Note, the vulnerability is being actively exploited in the wild.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

ScreenConnect: 1.0.291.0 - 23.9.7.8804

External links

http://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

2) Path traversal

EUVDB-ID: #VU86689

Risk: Low

CVSSv3.1: 2.5 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N/E:F/RL:O/RC:C]

CVE-ID: CVE-2024-1708

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: Yes

Description

The vulnerability allows a remote user to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences. A remote privileged user can send a specially crafted HTTP request and read arbitrary files on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

ScreenConnect: 1.0.291.0 - 23.9.7.8804

External links

http://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, a fully functional exploit for this vulnerability is available.



###SIDEBAR###