Vulnerabilities related to connectwise - screenconnect
cve-2022-36781
Vulnerability from cvelistv5
Published
2022-09-28 19:11
Modified
2024-09-16 20:16
Summary
ConnectWise ScreenConnect versions 22.6 and below contained a flaw allowing potential brute force attacks on custom access tokens due to inadequate rate-limiting controls in the default configuration. Attackers could exploit this vulnerability to gain unauthorized access by repeatedly attempting access code combinations. ConnectWise has addressed this issue in later versions by implementing rate-limiting controls as a preventive measure against brute force attacks.
References
Impacted products
Vendor | Product | Version
---|---|---
ConnectWise | ScreenConnect | Version: 22.7 < 22.6*
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T10:14:28.402Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.gov.il/en/Departments/faq/cve_advisories", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "ScreenConnect", vendor: "ConnectWise", versions: [ { lessThan: "22.6*", status: "affected", version: "22.7", versionType: "custom", }, ], }, ], credits: [ { lang: "en", type: "finder", value: "Gad Abuhatziera Sophtix Security LTD", }, ], datePublic: "2022-09-10T21:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>ConnectWise ScreenConnect versions 22.6 and below contained a flaw allowing potential brute force attacks on custom access tokens due to inadequate rate-limiting controls in the default configuration. Attackers could exploit this vulnerability to gain unauthorized access by repeatedly attempting access code combinations. ConnectWise has addressed this issue in later versions by implementing rate-limiting controls as a preventive measure against brute force attacks.</p>", }, ], value: "ConnectWise ScreenConnect versions 22.6 and below contained a flaw allowing potential brute force attacks on custom access tokens due to inadequate rate-limiting controls in the default configuration. Attackers could exploit this vulnerability to gain unauthorized access by repeatedly attempting access code combinations. 
ConnectWise has addressed this issue in later versions by implementing rate-limiting controls as a preventive measure against brute force attacks.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "Session Code Bypass", lang: "en", }, ], }, ], providerMetadata: { dateUpdated: "2024-03-14T13:48:41.228Z", orgId: "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f", shortName: "INCD", }, references: [ { url: "https://www.gov.il/en/Departments/faq/cve_advisories", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>Update to version 22.7.</p>", }, ], value: "Update to version 22.7.", }, ], source: { defect: [ "ILVN-2022-0052", ], discovery: "EXTERNAL", }, title: "ConnectWise - ScreenConnect Session Code Bypass", x_generator: { engine: "Vulnogram 0.0.9", }, }, }, cveMetadata: { assignerOrgId: "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f", assignerShortName: "INCD", cveId: "CVE-2022-36781", datePublished: "2022-09-28T19:11:20.650962Z", dateReserved: "2022-07-26T00:00:00", dateUpdated: "2024-09-16T20:16:20.390Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-1708
Vulnerability from cvelistv5
Published
2024-02-21 15:29
Modified
2024-08-01 18:48
Summary
ConnectWise ScreenConnect 23.9.7 and prior are affected by a path-traversal vulnerability, which may allow an attacker the ability to execute remote code or directly impact confidential data or critical systems.
References
Impacted products
Vendor | Product | Version
---|---|---
ConnectWise | ScreenConnect | Version: 0 <
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:connectwise:screenconnect:-:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "screenconnect", vendor: "connectwise", versions: [ { lessThanOrEqual: "23.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-1708", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-06-14T03:55:18.791767Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-06-14T16:44:54.475Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-01T18:48:21.724Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8", }, { tags: [ "x_transferred", ], url: "https://www.huntress.com/blog/a-catastrophe-for-control-understanding-the-screenconnect-authentication-bypass", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "ScreenConnect", vendor: "ConnectWise", versions: [ { changes: [ { at: "23.9.8", status: "unaffected", }, ], lessThanOrEqual: "23.9.7 ", status: "affected", version: "0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "ConnectWise ScreenConnect 23.9.7 and prior are affected by path-traversal vulnerability, which may allow an attacker \n\n<span style=\"background-color: rgb(255, 255, 255);\">the ability to execute remote code or directly impact confidential data or critical systems.</span>\n\n", }, ], value: "ConnectWise ScreenConnect 23.9.7 and prior are affected by path-traversal vulnerability, which may allow an attacker \n\nthe ability to execute 
remote code or directly impact confidential data or critical systems.\n\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-22", description: "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-02-21T18:25:58.766Z", orgId: "9119a7d8-5eab-497f-8521-727c672e3725", shortName: "cisa-cg", }, references: [ { url: "https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8", }, { url: "https://www.huntress.com/blog/a-catastrophe-for-control-understanding-the-screenconnect-authentication-bypass", }, ], source: { discovery: "UNKNOWN", }, title: "Improper limitation of a pathname to a restricted directory (“path traversal”)", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "9119a7d8-5eab-497f-8521-727c672e3725", assignerShortName: "cisa-cg", cveId: "CVE-2024-1708", datePublished: "2024-02-21T15:29:10.091Z", dateReserved: "2024-02-21T14:58:56.018Z", dateUpdated: "2024-08-01T18:48:21.724Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2025-3935
Vulnerability from cvelistv5
Published
2025-04-25 18:27
Modified
2025-04-25 18:55
Summary
ScreenConnect versions 25.2.3 and earlier versions may be susceptible to a ViewState code injection attack. ASP.NET Web Forms use ViewState to preserve page and control state, with data encoded using Base64 protected by machine keys.
It is important to note that to obtain these machine keys, privileged system level access must be obtained.
If these machine keys are compromised, attackers could create and send a malicious ViewState to the website, potentially leading to remote code execution on the server.
The risk does not originate from a vulnerability introduced by ScreenConnect, but from platform level behavior. This had no direct impact to ScreenConnect Client. ScreenConnect 2025.4 patch disables ViewState and removes any dependency on it.
References
Impacted products
Vendor | Product | Version
---|---|---
ConnectWise | ScreenConnect | Version: <25.2.3
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2025-3935", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-04-25T18:55:45.442112Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-04-25T18:55:55.791Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", platforms: [ "Microsoft ASP.NET", ], product: "ScreenConnect", vendor: "ConnectWise", versions: [ { status: "affected", version: "<25.2.3", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">ScreenConnect versions 25.2.3 and earlier versions may be susceptible to a ViewState code injection attack. ASP.NET Web Forms use ViewState to preserve page and control state, with data encoded using Base64 protected by machine keys. \n<span style=\"background-color: rgb(255, 255, 255);\">It is important to note that to obtain these machine keys, privileged system level access must be obtained. </span>\n\n</span><br><br>I<span style=\"background-color: rgb(255, 255, 255);\">f these machine keys are compromised, attackers could create and send a malicious ViewState to the website, potentially leading to remote code execution on the server. </span><span style=\"background-color: rgb(255, 255, 255);\"><br></span>\n\n<br>The risk does not originate from a vulnerability introduced by ScreenConnect, but from platform level behavior. This had no direct impact to ScreenConnect Client. <span style=\"background-color: rgb(255, 255, 255);\">ScreenConnect 2025.4 patch disables ViewState and removes any dependency on it. 
</span><span style=\"background-color: rgb(255, 255, 255);\"> </span>", }, ], value: "ScreenConnect versions 25.2.3 and earlier versions may be susceptible to a ViewState code injection attack. ASP.NET Web Forms use ViewState to preserve page and control state, with data encoded using Base64 protected by machine keys. \nIt is important to note that to obtain these machine keys, privileged system level access must be obtained. \n\n\n\nIf these machine keys are compromised, attackers could create and send a malicious ViewState to the website, potentially leading to remote code execution on the server. \n\n\n\nThe risk does not originate from a vulnerability introduced by ScreenConnect, but from platform level behavior. This had no direct impact to ScreenConnect Client. ScreenConnect 2025.4 patch disables ViewState and removes any dependency on it.", }, ], impacts: [ { capecId: "CAPEC-115", descriptions: [ { lang: "en", value: "CAPEC-115 Authentication Bypass", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-287", description: "CWE-287 Improper Authentication", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-04-25T18:27:44.244Z", orgId: "7d616e1a-3288-43b1-a0dd-0a65d3e70a49", shortName: "ConnectWise", }, references: [ { url: "https://www.connectwise.com/company/trust/security-bulletins/screenconnect-security-patch-2025.4", }, { url: "https://www.connectwise.com/company/trust/advisories", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p></p><b>Cloud: </b>No action 
is required. <br><br><b>On-premises: </b>Upgrade to the latest stable version.<br>\n\n\n\n\n\n\n\n\n\n<p>Details and guidance can be found here:\n\n<a target=\"_blank\" rel=\"nofollow\" href=\"https://www.connectwise.com/company/trust/security-bulletins/screenconnect-security-patch-2025.4\">ScreenConnect 25.2.4 Security Patch</a>\n\n</p>\n\n\n\n\n<br>", }, ], value: "Cloud: No action is required. \n\nOn-premises: Upgrade to the latest stable version.\n\n\n\n\n\n\n\n\n\n\nDetails and guidance can be found here:\n\n ScreenConnect 25.2.4 Security Patch https://www.connectwise.com/company/trust/security-bulletins/screenconnect-security-patch-2025.4", }, ], source: { discovery: "UNKNOWN", }, title: "ScreenConnect Exposure to ASP.NET ViewState Code Injection", x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "7d616e1a-3288-43b1-a0dd-0a65d3e70a49", assignerShortName: "ConnectWise", cveId: "CVE-2025-3935", datePublished: "2025-04-25T18:27:44.244Z", dateReserved: "2025-04-25T14:32:25.365Z", dateUpdated: "2025-04-25T18:55:55.791Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-1709
Vulnerability from cvelistv5
Published
2024-02-21 15:36
Modified
2024-08-01 18:48
Summary
ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an Alternate Path or Channel vulnerability, which may allow an attacker direct access to confidential information or critical systems.
References
Impacted products
Vendor | Product | Version
---|---|---
ConnectWise | ScreenConnect | Version: 0 <
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:connectwise:screenconnect:-:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "screenconnect", vendor: "connectwise", versions: [ { lessThanOrEqual: "23.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-1709", options: [ { Exploitation: "active", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-02-24T05:00:21.568850Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2024-02-22", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2024-1709", }, type: "kev", }, }, ], providerMetadata: { dateUpdated: "2024-06-14T16:47:20.624Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-01T18:48:21.899Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8", }, { tags: [ "x_transferred", ], url: "https://www.huntress.com/blog/vulnerability-reproduced-immediately-patch-screenconnect-23-9-8", }, { tags: [ "x_transferred", ], url: "https://www.huntress.com/blog/detection-guidance-for-connectwise-cwe-288-2", }, { tags: [ "x_transferred", ], url: "https://www.bleepingcomputer.com/news/security/connectwise-urges-screenconnect-admins-to-patch-critical-rce-flaw/", }, { tags: [ "x_transferred", ], url: "https://github.com/watchtowrlabs/connectwise-screenconnect_auth-bypass-add-user-poc", }, { tags: [ "x_transferred", ], url: "https://github.com/rapid7/metasploit-framework/pull/18870", }, { tags: [ "x_transferred", ], url: "https://www.horizon3.ai/attack-research/red-team/connectwise-screenconnect-auth-bypass-deep-dive/", }, { tags: [ "x_transferred", ], url: 
"https://techcrunch.com/2024/02/21/researchers-warn-high-risk-connectwise-flaw-under-attack-is-embarrassingly-easy-to-exploit/", }, { tags: [ "x_transferred", ], url: "https://www.securityweek.com/connectwise-confirms-screenconnect-flaw-under-active-exploitation/", }, { tags: [ "x_transferred", ], url: "https://www.huntress.com/blog/a-catastrophe-for-control-understanding-the-screenconnect-authentication-bypass", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "ScreenConnect", vendor: "ConnectWise", versions: [ { changes: [ { at: "23.9.8", status: "unaffected", }, ], lessThanOrEqual: "23.9.7", status: "affected", version: "0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an Alternate Path or Channel\n\n vulnerability, which may allow an attacker direct access to confidential information or \n\n<span style=\"background-color: rgb(255, 255, 255);\">critical systems.</span>\n\n", }, ], value: "ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an Alternate Path or Channel\n\n vulnerability, which may allow an attacker direct access to confidential information or \n\ncritical systems.\n\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 10, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-288", description: "CWE-288 Authentication bypass using an alternate path or channel", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { 
dateUpdated: "2024-02-21T18:25:45.687Z", orgId: "9119a7d8-5eab-497f-8521-727c672e3725", shortName: "cisa-cg", }, references: [ { url: "https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8", }, { url: "https://www.huntress.com/blog/vulnerability-reproduced-immediately-patch-screenconnect-23-9-8", }, { url: "https://www.huntress.com/blog/detection-guidance-for-connectwise-cwe-288-2", }, { url: "https://www.bleepingcomputer.com/news/security/connectwise-urges-screenconnect-admins-to-patch-critical-rce-flaw/", }, { url: "https://github.com/watchtowrlabs/connectwise-screenconnect_auth-bypass-add-user-poc", }, { url: "https://github.com/rapid7/metasploit-framework/pull/18870", }, { url: "https://www.horizon3.ai/attack-research/red-team/connectwise-screenconnect-auth-bypass-deep-dive/", }, { url: "https://techcrunch.com/2024/02/21/researchers-warn-high-risk-connectwise-flaw-under-attack-is-embarrassingly-easy-to-exploit/", }, { url: "https://www.securityweek.com/connectwise-confirms-screenconnect-flaw-under-active-exploitation/", }, { url: "https://www.huntress.com/blog/a-catastrophe-for-control-understanding-the-screenconnect-authentication-bypass", }, ], source: { discovery: "UNKNOWN", }, title: "Authentication bypass using an alternate path or channel", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "9119a7d8-5eab-497f-8521-727c672e3725", assignerShortName: "cisa-cg", cveId: "CVE-2024-1709", datePublished: "2024-02-21T15:36:03.960Z", dateReserved: "2024-02-21T15:05:07.113Z", dateUpdated: "2024-08-01T18:48:21.899Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-47257
Vulnerability from cvelistv5
Published
2024-02-01 00:00
Modified
2024-08-02 21:09
Summary
ConnectWise ScreenConnect through 23.8.4 allows man-in-the-middle attackers to achieve remote code execution via crafted messages.
References
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2023-47257", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-02-05T17:09:14.795900Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-07-05T17:22:53.633Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-02T21:09:36.050Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.8-security-fix", }, { tags: [ "x_transferred", ], url: "https://web.archive.org/web/20240208140218/https://gotham-security.com/screenconnect-cve-2023-47256", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "ConnectWise ScreenConnect through 23.8.4 allows man-in-the-middle attackers to achieve remote code execution via crafted messages.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-02-15T06:37:41.002591", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.8-security-fix", }, { url: "https://web.archive.org/web/20240208140218/https://gotham-security.com/screenconnect-cve-2023-47256", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2023-47257", datePublished: "2024-02-01T00:00:00", dateReserved: "2023-11-05T00:00:00", dateUpdated: "2024-08-02T21:09:36.050Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", 
dataVersion: "5.1", }
cve-2023-47256
Vulnerability from cvelistv5
Published
2024-02-01 00:00
Modified
2024-08-02 21:09
Summary
ConnectWise ScreenConnect through 23.8.4 allows local users to connect to arbitrary relay servers via implicit trust of proxy settings.
References
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2023-47256", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-06-25T20:06:26.752571Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-06-25T20:07:01.604Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-02T21:09:35.899Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.8-security-fix", }, { tags: [ "x_transferred", ], url: "https://web.archive.org/web/20240208140218/https://gotham-security.com/screenconnect-cve-2023-47256", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "ConnectWise ScreenConnect through 23.8.4 allows local users to connect to arbitrary relay servers via implicit trust of proxy settings", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-02-15T06:37:42.572010", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.8-security-fix", }, { url: "https://web.archive.org/web/20240208140218/https://gotham-security.com/screenconnect-cve-2023-47256", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2023-47256", datePublished: "2024-02-01T00:00:00", dateReserved: "2023-11-05T00:00:00", dateUpdated: "2024-08-02T21:09:35.899Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", 
dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2022-09-28 20:15
Modified
2024-11-21 07:13
Severity
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
ConnectWise ScreenConnect versions 22.6 and below contained a flaw allowing potential brute force attacks on custom access tokens due to inadequate rate-limiting controls in the default configuration. Attackers could exploit this vulnerability to gain unauthorized access by repeatedly attempting access code combinations. ConnectWise has addressed this issue in later versions by implementing rate-limiting controls as a preventive measure against brute force attacks.
References
Source | URL | Tags
---|---|---
cna@cyber.gov.il | https://www.gov.il/en/Departments/faq/cve_advisories | Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://www.gov.il/en/Departments/faq/cve_advisories | Third Party Advisory
Impacted products
Vendor | Product | Version
---|---|---
connectwise | screenconnect | *
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:connectwise:screenconnect:*:*:*:*:*:*:*:*", matchCriteriaId: "3298FD82-256A-462F-BA65-FAF3DF1BC6ED", versionEndExcluding: "22.7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "ConnectWise ScreenConnect versions 22.6 and below contained a flaw allowing potential brute force attacks on custom access tokens due to inadequate rate-limiting controls in the default configuration. Attackers could exploit this vulnerability to gain unauthorized access by repeatedly attempting access code combinations. ConnectWise has addressed this issue in later versions by implementing rate-limiting controls as a preventive measure against brute force attacks.", }, { lang: "es", value: "WiseConnect - Una Omisión de Código de Cesión de ScreenConnect. Un atacante tendría que usar un proxy para monitorizar el tráfico, y llevar a cabo una fuerza bruta en el código de sesión para poder entrar. 
Datos confidenciales sobre la empresa , entrar en una sesión", }, ], id: "CVE-2022-36781", lastModified: "2024-11-21T07:13:42.880", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "cna@cyber.gov.il", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-09-28T20:15:11.857", references: [ { source: "cna@cyber.gov.il", tags: [ "Third Party Advisory", ], url: "https://www.gov.il/en/Departments/faq/cve_advisories", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.gov.il/en/Departments/faq/cve_advisories", }, ], sourceIdentifier: "cna@cyber.gov.il", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-307", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-02-21 16:15
Modified
2025-01-27 21:48
Severity
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an Alternate Path or Channel vulnerability, which may allow an attacker direct access to confidential information or critical systems.
References
Impacted products
Vendor | Product | Version
---|---|---
connectwise | screenconnect | *
{ cisaActionDue: "2024-02-29", cisaExploitAdd: "2024-02-22", cisaRequiredAction: "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", cisaVulnerabilityName: "ConnectWise ScreenConnect Authentication Bypass Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:connectwise:screenconnect:*:*:*:*:*:*:*:*", matchCriteriaId: "26FEBC12-2B0F-4F8F-BCB8-03683D71B37F", versionEndExcluding: "23.9.8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an Alternate Path or Channel\n\n vulnerability, which may allow an attacker direct access to confidential information or \n\ncritical systems.\n\n", }, { lang: "es", value: "ConnectWise ScreenConnect 23.9.7 y versiones anteriores se ven afectados por una vulnerabilidad de omisión de autenticación mediante una ruta o canal alternativo, que puede permitir a un atacante acceder directamente a información confidencial o sistemas críticos.", }, ], id: "CVE-2024-1709", lastModified: "2025-01-27T21:48:25.323", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 10, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 6, source: "9119a7d8-5eab-497f-8521-727c672e3725", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 10, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", 
version: "3.1", }, exploitabilityScore: 3.9, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-02-21T16:15:50.420", references: [ { source: "9119a7d8-5eab-497f-8521-727c672e3725", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/rapid7/metasploit-framework/pull/18870", }, { source: "9119a7d8-5eab-497f-8521-727c672e3725", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/watchtowrlabs/connectwise-screenconnect_auth-bypass-add-user-poc", }, { source: "9119a7d8-5eab-497f-8521-727c672e3725", tags: [ "Press/Media Coverage", "Third Party Advisory", ], url: "https://techcrunch.com/2024/02/21/researchers-warn-high-risk-connectwise-flaw-under-attack-is-embarrassingly-easy-to-exploit/", }, { source: "9119a7d8-5eab-497f-8521-727c672e3725", tags: [ "Press/Media Coverage", "Third Party Advisory", ], url: "https://www.bleepingcomputer.com/news/security/connectwise-urges-screenconnect-admins-to-patch-critical-rce-flaw/", }, { source: "9119a7d8-5eab-497f-8521-727c672e3725", tags: [ "Vendor Advisory", ], url: "https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8", }, { source: "9119a7d8-5eab-497f-8521-727c672e3725", tags: [ "Third Party Advisory", ], url: "https://www.horizon3.ai/attack-research/red-team/connectwise-screenconnect-auth-bypass-deep-dive/", }, { source: "9119a7d8-5eab-497f-8521-727c672e3725", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.huntress.com/blog/a-catastrophe-for-control-understanding-the-screenconnect-authentication-bypass", }, { source: "9119a7d8-5eab-497f-8521-727c672e3725", tags: [ "Third Party Advisory", ], url: "https://www.huntress.com/blog/detection-guidance-for-connectwise-cwe-288-2", }, { source: "9119a7d8-5eab-497f-8521-727c672e3725", tags: [ "Third Party Advisory", ], url: "https://www.huntress.com/blog/vulnerability-reproduced-immediately-patch-screenconnect-23-9-8", }, { source: 
"9119a7d8-5eab-497f-8521-727c672e3725", tags: [ "Press/Media Coverage", "Third Party Advisory", ], url: "https://www.securityweek.com/connectwise-confirms-screenconnect-flaw-under-active-exploitation/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/rapid7/metasploit-framework/pull/18870", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/watchtowrlabs/connectwise-screenconnect_auth-bypass-add-user-poc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Press/Media Coverage", "Third Party Advisory", ], url: "https://techcrunch.com/2024/02/21/researchers-warn-high-risk-connectwise-flaw-under-attack-is-embarrassingly-easy-to-exploit/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Press/Media Coverage", "Third Party Advisory", ], url: "https://www.bleepingcomputer.com/news/security/connectwise-urges-screenconnect-admins-to-patch-critical-rce-flaw/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.horizon3.ai/attack-research/red-team/connectwise-screenconnect-auth-bypass-deep-dive/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.huntress.com/blog/a-catastrophe-for-control-understanding-the-screenconnect-authentication-bypass", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.huntress.com/blog/detection-guidance-for-connectwise-cwe-288-2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: 
"https://www.huntress.com/blog/vulnerability-reproduced-immediately-patch-screenconnect-23-9-8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Press/Media Coverage", "Third Party Advisory", ], url: "https://www.securityweek.com/connectwise-confirms-screenconnect-flaw-under-active-exploitation/", }, ], sourceIdentifier: "9119a7d8-5eab-497f-8521-727c672e3725", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-288", }, ], source: "9119a7d8-5eab-497f-8521-727c672e3725", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-02-01 22:15
Modified
2024-11-21 08:30
Severity ?
Summary
ConnectWise ScreenConnect through 23.8.4 allows local users to connect to arbitrary relay servers via implicit trust of proxy settings
References
Impacted products
Vendor | Product | Version
---|---|---
connectwise | automate | -
connectwise | screenconnect | *
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:connectwise:automate:-:*:*:*:*:*:*:*", matchCriteriaId: "1EE4186A-BC6E-4E27-887C-D9C4FBBE5943", vulnerable: true, }, { criteria: "cpe:2.3:a:connectwise:screenconnect:*:*:*:*:*:*:*:*", matchCriteriaId: "2B3CC076-9C69-45B8-81E8-E671B6512719", versionEndExcluding: "23.8.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "ConnectWise ScreenConnect through 23.8.4 allows local users to connect to arbitrary relay servers via implicit trust of proxy settings", }, { lang: "es", value: "ConnectWise ScreenConnect hasta 23.8.4 permite a los usuarios locales conectarse a servidores de retransmisión arbitrarios mediante la confianza implícita en la configuración del proxy", }, ], id: "CVE-2023-47256", lastModified: "2024-11-21T08:30:03.873", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-02-01T22:15:55.103", references: [ { source: "cve@mitre.org", url: "https://web.archive.org/web/20240208140218/https://gotham-security.com/screenconnect-cve-2023-47256", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.8-security-fix", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://web.archive.org/web/20240208140218/https://gotham-security.com/screenconnect-cve-2023-47256", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: 
"https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.8-security-fix", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-287", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-02-21 16:15
Modified
2024-11-21 08:51
Severity ?
8.4 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
Summary
ConnectWise ScreenConnect 23.9.7 and prior are affected by a path-traversal vulnerability, which may allow an attacker the ability to execute remote code or directly impact confidential data or critical systems.
References
Impacted products
Vendor | Product | Version
---|---|---
connectwise | screenconnect | *
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:connectwise:screenconnect:*:*:*:*:*:*:*:*", matchCriteriaId: "26FEBC12-2B0F-4F8F-BCB8-03683D71B37F", versionEndExcluding: "23.9.8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "ConnectWise ScreenConnect 23.9.7 and prior are affected by path-traversal vulnerability, which may allow an attacker \n\nthe ability to execute remote code or directly impact confidential data or critical systems.\n\n", }, { lang: "es", value: "ConnectWise ScreenConnect 23.9.7 y versiones anteriores se ven afectados por una vulnerabilidad de path traversal, que puede permitir a un atacante ejecutar código remoto o afectar directamente a datos confidenciales o sistemas críticos.", }, ], id: "CVE-2024-1708", lastModified: "2024-11-21T08:51:08.173", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "9119a7d8-5eab-497f-8521-727c672e3725", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-02-21T16:15:50.233", references: [ { source: "9119a7d8-5eab-497f-8521-727c672e3725", tags: [ "Vendor Advisory", ], url: 
"https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8", }, { source: "9119a7d8-5eab-497f-8521-727c672e3725", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.huntress.com/blog/a-catastrophe-for-control-understanding-the-screenconnect-authentication-bypass", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.huntress.com/blog/a-catastrophe-for-control-understanding-the-screenconnect-authentication-bypass", }, ], sourceIdentifier: "9119a7d8-5eab-497f-8521-727c672e3725", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "9119a7d8-5eab-497f-8521-727c672e3725", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-02-01 22:15
Modified
2024-11-21 08:30
Severity ?
Summary
ConnectWise ScreenConnect through 23.8.4 allows man-in-the-middle attackers to achieve remote code execution via crafted messages.
References
Impacted products
Vendor | Product | Version
---|---|---
connectwise | automate | -
connectwise | screenconnect | *
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:connectwise:automate:-:*:*:*:*:*:*:*", matchCriteriaId: "1EE4186A-BC6E-4E27-887C-D9C4FBBE5943", vulnerable: true, }, { criteria: "cpe:2.3:a:connectwise:screenconnect:*:*:*:*:*:*:*:*", matchCriteriaId: "2B3CC076-9C69-45B8-81E8-E671B6512719", versionEndExcluding: "23.8.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "ConnectWise ScreenConnect through 23.8.4 allows man-in-the-middle attackers to achieve remote code execution via crafted messages.", }, { lang: "es", value: "ConnectWise ScreenConnect hasta la versión 23.8.4 permite a atacantes de man in the middle lograr la ejecución remota de código a través de mensajes manipulados.", }, ], id: "CVE-2023-47257", lastModified: "2024-11-21T08:30:04.067", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-02-01T22:15:55.170", references: [ { source: "cve@mitre.org", url: "https://web.archive.org/web/20240208140218/https://gotham-security.com/screenconnect-cve-2023-47256", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.8-security-fix", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://web.archive.org/web/20240208140218/https://gotham-security.com/screenconnect-cve-2023-47256", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: 
"https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.8-security-fix", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-94", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }