February 20, 2024 at 06:27AM
ConnectWise released software updates to fix critical security flaws in its ScreenConnect remote desktop and access software. The vulnerabilities could enable remote code execution and impact confidential data or critical systems. Users of affected versions are urged to update to version 23.9.8 to mitigate the risk of exploitation.
Key Takeaways from Meeting Notes:
– ConnectWise has identified two security flaws in its ScreenConnect remote desktop and access software, including an authentication bypass and a path traversal vulnerability.
– The vulnerabilities have been assigned high CVSS scores of 10.0 and 8.4, indicating their severity.
– ConnectWise has released software updates in version 23.9.8 to address these vulnerabilities and recommends immediate updates for self-hosted or on-premise users.
– The company has reported that there is currently no evidence of exploitation of these vulnerabilities in the wild but emphasizes the importance of updating to the latest version to mitigate potential risks.
Stay informed by following us on Twitter and LinkedIn for more exclusive content.