Lucene search

PRIOn knowledge basePRION:CVE-2023-25719

HistoryFeb 13, 2023 - 8:15 p.m.

Code injection

2023-02-1320:15:00

PRIOn knowledge base

www.prio-n.com

code injection

connectwise control

validation failure

reflected data

malicious code

executable

denial-of-service

9.4 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.3%

JSON

ConnectWise Control before 22.9.10032 (formerly known as ScreenConnect) fails to validate user-supplied parameters such as the Bin/ConnectWiseControl.Client.exe h parameter. This results in reflected data and injection of malicious code into a downloaded executable. The executable can be used to execute malicious queries or as a denial-of-service vector. NOTE: this CVE Record is only about the parameters, such as the h parameter (this CVE Record is not about the separate issue of signed executable files that are supposed to have unique configurations across customers’ installations).

CPENameOperatorVersion
controllt22.9.10032

CPE	Name	Operator	Version
	control	lt	22.9.10032

References

cybir.com/2022/cve/hijacking-connectwise-control-and-ddos/

www.connectwise.com

www.connectwise.com/blog/cybersecurity/the-importance-of-responsible-security-disclosures

www.huntress.com/blog/clearing-the-air-overblown-claims-of-vulnerabilities-exploits-severity