February 21, 2024 at 12:15PM
ConnectWise responded to reports of hackers exploiting vulnerabilities in its ScreenConnect product. The company confirmed compromised accounts and emphasized the urgent need for businesses to upgrade to version 23.9.8 to prevent remote code execution. Security firms also highlighted the seriousness of the situation, prompting ConnectWise to urgently advise customers to install the patches within days.
From the provided meeting notes, the key takeaways are:
1. ConnectWise’s ScreenConnect remote desktop access product has been targeted by hackers who are exploiting critical security defects.
2. The in-the-wild exploitation has prompted connectWise to urgently release patches, with a focus on upgrading to ConnectWise ScreenConnect 23.9.8 for on-prem installations.
3. Multiple security companies, including Huntress and Rapid7, have released proof-of-concept code and exploit modules to highlight the severity of the vulnerabilities and the ease of exploitation.
4. ConnectWise has highlighted the urgency for enterprise admins to implement the patches as emergency changes due to the severity and risk of exploitation.
5. The vulnerabilities could lead to remote code execution and directly impact confidential data or critical systems for customers using affected versions of ScreenConnect, especially on on-prem or self-hosted systems.
These takeaways summarize the urgent security situation and the need for immediate action to mitigate the risk of exploitation for businesses using ConnectWise’s ScreenConnect product.