CVE-2024-1709
- Reference to the description:
- Description:
- ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an Alternate Path or Channel vulnerability, which may allow an attacker direct access to confidential information or critical systems.
- Last updated date:
- 02/23/2024
Reports
ACTIVELY EXPLOITED
- Type:
- exploitation
- Confidence:
- HIGH
- Date of publishing:
- 02/22/2024
- Reference url to background
https://www.cisa.gov/known-exploited-vulnerabilities-catalog
- Type:
- exploitation
- Confidence:
- HIGH
- Date of publishing:
- 02/26/2024
- Reference url to background
https://www.helpnetsecurity.com/2024/02/26/cve-2024-1709-exploited/
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 02/21/2024
- Reference url to background
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 02/21/2024
- Reference url to background
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 02/22/2024
- Reference url to background
https://github.com/watchtowrlabs/connectwise-screenconnect_auth-bypass-add-user-poc
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 02/22/2024
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 02/23/2024