ConnectWise has recently resolved two vulnerabilities in ScreenConnect, addressing potential risks of remote code execution and compromising confidential data. Although there’s no evidence of exploitation in the wild, ConnectWise emphasizes the urgency for on-premise partners to promptly address these identified security issues. ScreenConnect, previously known as ConnectWise Control, serves as a remote desktop software solution favored by managed service providers and businesses, though it has also attracted attention from cybercriminals, including ransomware groups and tech support scammers.
The vulnerabilities, affecting ScreenConnect versions 23.9.7 and earlier, were reported through ConnectWise’s vulnerability disclosure channel on February 13, 2024. These vulnerabilities are categorized as authentication bypass and improper limitation of a pathname to a restricted directory, posing significant risks if exploited. ConnectWise underscores the critical importance of partners using self-hosted or on-premise deployments to promptly update their servers to version 23.9.8 to apply the necessary patches and mitigate potential risks.
ConnectWise is also providing updated versions of releases 22.4 through 23.9.7 to address the critical issues, but strongly recommends that partners prioritize updating to ScreenConnect version 23.9.8. By taking immediate action to apply these patches, partners can significantly reduce the likelihood of exploitation and enhance the security posture of their ScreenConnect deployments. These proactive measures are crucial for mitigating potential threats and protecting sensitive data and critical systems from unauthorized access and compromise.
