19 matches found
ConnectWise ScreenConnect 23.9.7 - Authentication Bypass
ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an Alternate Path or Channel vulnerability, which may allow an attacker direct access to confidential information or critical systems. id: CVE-2024-1709 info: name: ConnectWise ScreenConnect 23.9.7 -...
Exploit for Authentication Bypass Using an Alternate Path or Channel in Connectwise Screenconnect
Mass-CVE-2024-1709 Original: https://github.com/W01fh4cker/S...
China-Linked Group Breaches Networks via Connectwise, F5 Software Flaws
A China-linked threat cluster leveraged security flaws in Connectwise ScreenConnect and F5 BIG-IP software to deliver custom malware capable of delivering additional backdoors on compromised Linux hosts as part of an "aggressive" campaign. Google-owned Mandiant is tracking the activity under its...
Hackers Exploit ConnectWise ScreenConnect Flaws to Deploy TODDLERSHARK Malware
North Korean threat actors have exploited the recently disclosed security flaws in ConnectWise ScreenConnect to deploy a new malware called TODDLERSHARK. According to a report shared by Kroll with The Hacker News, TODDLERSHARK overlaps with known Kimsuky malware such as BabyShark and ReconShark...
Metasploit Weekly Wrap-Up 03/01/2024
Connect the dots from authentication bypass to remote code execution This week, our very own sfewer-r7 added a new exploit module that leverages an authentication bypass vulnerability in ConnectWise ScreenConnect to achieve remote code execution. This vulnerability, CVE-2024-1709, affects all...
Attacks, Vulnerabilities and Actors 19 to 25 February 2024
For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries in the realm of cybersecurity threats. In the past week alone, a total of fifteen attacks were executed, five vulnerabilities were uncovered, and five active adversaries...
Threat Actor Groups, Including Black Basta, are Exploiting Recent ScreenConnect Vulnerabilities
This blog entry gives a detailed analysis of these recent ScreenConnect vulnerabilities. We also discuss our discovery of threat actor groups, including Black Basta and Bl00dy Ransomware gangs, that are actively exploiting CVE-2024-1708 and CVE-2024-1709 based on our telemetry...
ConnectWise ScreenConnect Unauthenticated Remote Code Execution
This module exploits an authentication bypass vulnerability that allows an unauthenticated attacker to create a new administrator user account on a vulnerable ConnectWise ScreenConnect server. The attacker can leverage this to achieve RCE by uploading a malicious extension module. All versions of...
Update now! ConnectWise ScreenConnect vulnerability needs your attention
ConnectWise is warning self-hosted and on-premise customers that they need to take immediate action to remediate a critical vulnerability in its ScreenConnect remote desktop software. This software is typically used in data-centers and for remote assistance. Together ConnectWise’s partners manage...
ConnectWise ScreenConnect Service < 23.9.8 Multiple Vulnerabilities
According to its version, the ConnectWise ScreenConnect Service remote access software installed on the remote Windows host is prior to 23.9.8. It is, therefore affected by multiple vulnerabilities: - A path-traversal vulnerability which may allow an attacker the ability to execute remote code or...
CVE-2024-1709
creationtimestamp| type| source ---|---|--- 2024-02-21 17:22:11+00:00| seen| https://t.me/ctinow/189798 2024-02-21 17:31:31+00:00| seen| https://t.me/ctinow/189812 2024-02-21 18:52:29+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/6653 2024-02-22 03:16:53+00:00| seen|...
CVE-2024-27215
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-1709. Reason: This candidate is a duplicate of CVE-2024-1709. Notes: All CVE users should reference CVE-2024-1709 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-1709. Reason: This candidate is a duplicate of CVE-2024-1709. Notes: All CVE users should reference CVE-2024-1709 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...
CVE-2024-1709 Authentication bypass using an alternate path or channel
ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an Alternate Path or Channel vulnerability, which may allow an attacker direct access to confidential information or critical systems...
CVE-2024-1709 Authentication bypass using an alternate path or channel
ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an Alternate Path or Channel vulnerability, which may allow an attacker direct access to confidential information or critical systems...
CVE-2024-1709
CVE-2024-1709 affects ConnectWise ScreenConnect (23.9.7 and earlier). It is an Authentication Bypass Using an Alternate Path or Channel that can grant direct access to confidential information or critical systems. Multiple sources indicate active exploitation and urge patching; ConnectWise releas...
Exploit for Authentication Bypass Using an Alternate Path or Channel in Connectwise Screenconnect
How to use I'm using Python3.9 pip install requests...
Exploit for Path Traversal in Connectwise Screenconnect
CVE-2024-1708 and CVE-2024-1709 A Proof of Concept developed...
CVE-2024-1709
ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an Alternate Path or Channel vulnerability, which may allow an attacker direct access to confidential information or critical systems. Recent assessments: sfewer-r7 at February 22, 2024 4:54pm UTC reported:...