CVE-2024-1708

CVSS 3.1 Score 8.4 of 10 (high)

Details

Published Feb 21, 2024
Updated: Feb 22, 2024
CWE ID 22

Summary

CVE-2024-1708 is a newly disclosed vulnerability that affects ConnectWise ScreenConnect versions 23.9.7 and older. This issue permits an attacker to traverse directory paths, potentially granting unauthorized access to sensitive data or allowing the execution of remote code. The vulnerability poses a significant risk to confidential information and critical systems. Organizations using the affected ScreenConnect version are strongly advised to update as soon as possible to mitigate this threat.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • ConnectWise Control

Affected Vendors

  • ConnectWise