157 matches found
EUVD-2026-12574
A condition in ScreenConnect may allow an actor with access to server-level cryptographic material used for authentication to obtain unauthorized access, including elevated privileges, in certain scenarios...
CVE-2026-3564
A condition in the ScreenConnect server component may allow an actor with access to server-level cryptographic material used for authentication to obtain unauthorized access, including elevated privileges, in certain scenarios. ScreenConnect host and guest client agents are not independently...
CVE-2026-3564 ScreenConnect Instance Level Cryptographic Material Exposure
A condition in the ScreenConnect server component may allow an actor with access to server-level cryptographic material used for authentication to obtain unauthorized access, including elevated privileges, in certain scenarios. ScreenConnect host and guest client agents are not independently...
CVE-2026-3564 ScreenConnect Instance Level Cryptographic Material Exposure
A condition in the ScreenConnect server component may allow an actor with access to server-level cryptographic material used for authentication to obtain unauthorized access, including elevated privileges, in certain scenarios. ScreenConnect host and guest client agents are not independently...
CVE-2026-3564
CVE-2026-3564 affects ConnectWise ScreenConnect. A condition in ScreenConnect may allow an attacker who already has access to server‑level cryptographic material used for authentication to obtain unauthorized access, including elevated privileges, in certain scenarios. Red Hat, EUVD, NVD, and CVE...
CVE-2026-3564
A condition in the ScreenConnect server component may allow an actor with access to server-level cryptographic material used for authentication to obtain unauthorized access, including elevated privileges, in certain scenarios. ScreenConnect host and guest client agents are not independently...
ConnectWise ScreenConnect 安全漏洞
ConnectWise ScreenConnect is a self-hosted remote desktop software application developed by ConnectWise. There is a security vulnerability in ConnectWise ScreenConnect, which arises from the possibility that participants with server-level authentication encryption materials may gain unauthorized...
VulnCheck KEV: CVE-2026-3564
A condition in ScreenConnect may allow an actor with access to server-level cryptographic material used for authentication to obtain unauthorized access, including elevated privileges, in certain scenarios...
PT-2026-25901
Name of the Vulnerable Software and Affected Versions ScreenConnect versions prior to 26.1 Description A flaw in ScreenConnect could allow an attacker with access to server-level cryptographic material used for authentication to gain unauthorized access, potentially including elevated privileges...
Signed malware impersonating workplace apps deploys RMM backdoors
In February 2026, Microsoft Defender Experts identified multiple phishing campaigns attributed to an unknown threat actor. The campaigns used workplace meeting lures, PDF attachments, and abuse of legitimate binaries to deliver signed malware. Phishing emails directed users to download malicious...
Hackers Abuse ScreenConnect to Hijack PCs via Fake Social Security Emails
Forcepoint X-labs reveals how hackers use fake SSA emails and hijacked ScreenConnect tools to bypass Windows security to target UK, US, and Canadian organisations...
How fake party invitations are being used to install remote access tools
“You’re invited!” It sounds friendly, familiar and quite harmless. But in a scam we recently spotted, that simple phrase is being used to trick victims into installing a full remote access tool on their Windows computers—giving attackers complete control of the system. What appears to be a casual...
CVE-2025-14823
In deployments using the ScreenConnect™ Certificate Signing Extension, encrypted configuration values including an Azure Key Vault-related key, could be returned to unauthenticated users through a client-facing endpoint under certain conditions. The values remained encrypted and securely stored a...
EUVD-2025-204299
In deployments using the ScreenConnect™ Certificate Signing Extension, encrypted configuration values including an Azure Key Vault-related key, could be returned to unauthenticated users through a client-facing endpoint under certain conditions. The values remained encrypted and securely stored a...
CVE-2025-14823
In deployments using the ScreenConnect™ Certificate Signing Extension, encrypted configuration values including an Azure Key Vault-related key, could be returned to unauthenticated users through a client-facing endpoint under certain conditions. The values remained encrypted and securely stored a...
CVE-2025-14823
In deployments using the ScreenConnect™ Certificate Signing Extension, encrypted configuration values including an Azure Key Vault-related key, could be returned to unauthenticated users through a client-facing endpoint under certain conditions. The values remained encrypted and securely stored a...
CVE-2025-14823 Certificate Signing Extension Returns Encrypted Values
In deployments using the ScreenConnect™ Certificate Signing Extension, encrypted configuration values including an Azure Key Vault-related key, could be returned to unauthenticated users through a client-facing endpoint under certain conditions. The values remained encrypted and securely stored a...
PT-2025-52259
Name of the Vulnerable Software and Affected Versions ScreenConnect versions prior to 1.0.12 Description In deployments utilizing the Certificate Signing Extension, encrypted configuration values, potentially including an Azure Key Vault-related key, could be disclosed to unauthenticated users vi...
ConnectWise ScreenConnect 安全漏洞
ConnectWise ScreenConnect is a self-hosted remote desktop software application from ConnectWise. A security vulnerability exists in ConnectWise ScreenConnect that stems from mishandling of the certificate signing extension configuration, which could lead to the disclosure of encrypted configurati...
CVE-2025-14265
In versions of ScreenConnect™ prior to 25.8, server-side validation and integrity checks within the extension subsystem could allow the installation and execution of untrusted or arbitrary extensions by authorized or administrative users. Abuse of this behavior could result in the execution of...