- Posted February 22, 2024
- Cyber Security Alerts
- Technical Advisories
The NCSC would like to draw your attention to two CVEs affecting all versions of ConnectWise ScreenConnect before 23.9.8. The NCSC is aware of open-source reporting of active exploitation and a proof of concept.
- CVE-2024-1709 has a CVSS of 10.0 and is an authentication bypass vulnerability using an alternative path or channel. It may allow an attacker direct access to confidential information or critical systems. At the time of publishing this alert, the vendor advisory refers to this vulnerability as CWE-288.
- CVE-2024-1708 has a CVSS of 8.4 and is a path traversal vulnerability. It may allow an attacker to execute code remotely or directly impact confidential data or critical systems. At the time of publishing this alert, the vendor advisory refers to this vulnerability as CWE-22.
The NCSC encourages organisations in New Zealand that use the affected products to review the vendor advisory and apply the relevant patches as soon as possible if they have not done so already. This applies in particular to organisations that have on-premise instances of ScreenConnect. The NCSC also recommends investigating systems for potential indicators of compromise (IoCs).
If your organisation has seen or does see evidence of compromise related to these vulnerabilities, please contact: incidents@ncsc.govt.nz