ConnectWise ScreenConnect Vulnerability 2024: Let's Talk About It

Published: 07 October 2024
on channel: Sheridan Computers

ConnectWise ScreenConnect Remote Code Execution Vulnerability (RCE) - CVSS 10.0 - WARNING PATCH NOW!!

On February 19, 2024, ConnectWise disclosed two vulnerabilities in their ScreenConnect remote access software. Both vulnerabilities affect ScreenConnect 23.9.7 and earlier. Neither vulnerability had a CVE assigned at the time of disclosure, but as of February 21, CVEs have been assigned to both issues mentioned in ConnectWise’s advisory.

ScreenConnect CVE:
CVE-2024-1709 - An authentication bypass using an alternate path or channel (CVSS 10)
CVE-2024-1708 - A path traversal issue (CVSS 8.4)

This is my first live stream, so please bear with me. In this live stream I wanted to bring awareness to the recent vulnerability discovered in ConnectWise ScreenConnect versions 23.9.7 and below.

"Let's talk about it" will be a regular live stream where I'll start off discussing recent IT and cybersecurity-related topics, and where people are also welcome to join in and interact. Please let me know in the comments if this is something that would be useful.

The cloud-hosted version of ScreenConnect has already been patched by ConnectWise. For self-hosted versions it is strongly recommended (insisted upon) to upgrade to v23.9.8. The vulnerability is trivial to exploit and provides administrator access to vulnerable ScreenConnect instances.
