CISA Alerts Active Exploitation of ConnectWise ScreenConnect Bug
Blog post from SSOJet
CISA has identified a critical vulnerability in ConnectWise ScreenConnect, designated as CVE-2024-1709 and CVE-2025-3935, which are actively exploited by malicious actors, posing significant risks to organizations. These vulnerabilities allow for authentication bypass and remote code execution through ViewState code injection attacks, impacting versions up to 25.2.3. ConnectWise has acknowledged the flaws' connection to ransomware campaigns and issued urgent patch and upgrade instructions to mitigate these threats, emphasizing the need for immediate action to prevent unauthorized access and potential system compromise. CISA has mandated federal agencies to address these vulnerabilities by the specified deadline, encouraging all organizations to prioritize timely remediation and adopt comprehensive security measures such as multi-factor authentication and network isolation of ScreenConnect servers.
No tracked trend matches for this post yet.