CVE-2024-1708

HIGH EXPLOITED IN THE WILD RANSOMWARE

ConnectWise ScreenConnect Unauthenticated Remote Code Execution

Title source: metasploit

Description

ConnectWise ScreenConnect 23.9.7 and prior are affected by path-traversal vulnerability, which may allow an attacker the ability to execute remote code or directly impact confidential data or critical systems.

Exploits (3)

github WORKING POC 1 stars

by Teexo · pythonremote

https://github.com/Teexo/ScreenConnect-CVE-2024-1709-Exploit

View Code ZIP pw:eip

vulncheck_xdb WORKING POC

remote

https://github.com/cjybao/CVE-2024-1709-and-CVE-2024-1708

View Code ZIP pw:eip

metasploit WORKING POC EXCELLENT

by sfewer-r7, WatchTowr · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/connectwise_screenconnect_rce_cve_2024_1709.rb

View Code ZIP pw:eip

References (2)

[Vendor Advisory] https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8

[Exploit, Third Party Advisory] https://www.huntress.com/blog/a-catastrophe-for-control-understanding-the-screenconnect-authentication-bypass

Scores

CVSS v3 8.4

EPSS 0.5706

EPSS Percentile 98.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H

Details

VulnCheck KEV 2024-02-22

InTheWild.io 2024-02-19

Ransomware Use Confirmed

CWE

CWE-22

Status published

Products (1)

connectwise/screenconnect < 23.9.8

Published Feb 21, 2024

Tracked Since Feb 18, 2026