https://www.techrepublic.com/article/connectwise-screenconnect-vulnerability/
…Two new vulnerabilities impact ConnectWise ScreenConnect, remote desktop and access software used for support: CVE-2024-1709 and CVE-2024-1708, with the former being particularly dangerous for organizations.
The CVE-2024-1709 vulnerability, which affects ScreenConnect 23.9.7 and prior, allows any remote attacker to bypass authentication to delete the ScreenConnect user database and get control of an admin user. Massive exploitation by attackers is ongoing in the wild, with more than 3,000 vulnerable instances reachable from the internet. Security companies have observed ransomware, information stealers and Cobalt Strike payloads, to name a few, being installed after successful exploitation of the vulnerability.
The CVE-2024-1708 vulnerability, which is not as severe as CVE-2024-1709, allows path traversal, which enables an attacker to access files and directories that should not be accessible…
