CVE-2024-1709 is a path traversal authentication bypass in ConnectWise ScreenConnect exploited within hours of disclosure. Attackers are deploying ransomware and infostealers. Patch to 23.9.8+ immediately. If unpatched since February 20, 2024, assume full compromise and perform incident response.
ConnectWise ScreenConnect Authentication Bypass vulnerability allows unauthenticated attackers to create admin accounts.
Exploit-DB.ai delivers real-time AI-triaged zero-day alerts directly to your inbox.
Activate Supernova →