Detections
Analytics

CVE-2024-1708

critical

Description

ConnectWise ScreenConnect 23.9.7 and prior are affected by path-traversal vulnerability, which may allow an attacker the ability to execute remote code or directly impact confidential data or critical systems.

References

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-1708

https://thehackernews.com/2026/04/cisa-adds-actively-exploited.html

https://securityaffairs.com/191442/security/u-s-cisa-adds-microsoft-windows-shell-and-connectwise-screenconnect-flaws-to-its-known-exploited-vulnerabilities-catalog.html

https://www.cisa.gov/news-events/alerts/2026/04/28/cisa-adds-two-known-exploited-vulnerabilities-catalog

https://thehackernews.com/2026/04/china-linked-storm-1175-exploits-zero.html

https://securityaffairs.com/190440/cyber-crime/fast-moving-storm-1175-uses-new-exploits-to-breach-networks-and-drop-medusa.html

https://www.microsoft.com/en-us/security/blog/2026/04/06/storm-1175-focuses-gaze-on-vulnerable-web-facing-assets-in-high-tempo-medusa-ransomware-operations/

https://www.bleepingcomputer.com/news/security/microsoft-links-medusa-ransomware-affiliate-to-zero-day-attacks/

https://thehackernews.com/2025/05/connectwise-hit-by-cyberattack-nation.html

https://securityaffairs.com/178442/hacking/connectwise-cyberattack-sophisticated-nation-state-actor.html

https://arcticwolf.com/resources/blog-uk/arctic-wolf-observes-campaign-exploiting-simplehelp-rmm-software-initial-access/

https://securelist.com/vulnerability-report-q1-2024/112554/

https://www.bleepingcomputer.com/news/security/screenconnect-flaws-exploited-to-drop-new-toddleshark-malware/

https://securityaffairs.com/159640/cyber-crime/black-basta-bl00dy-ransomware-connectwise-screenconnect.html

https://www.trendmicro.com/en_us/research/24/b/threat-actor-groups-including-black-basta-are-exploiting-recent-.html

https://www.mandiant.com/resources/blog/connectwise-screenconnect-hardening-remediation

https://www.huntress.com/blog/a-catastrophe-for-control-understanding-the-screenconnect-authentication-bypass

https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8

Details

Source: Mitre, NVD

Published: 2024-02-21

Updated: 2026-04-28

Known Exploited Vulnerability (KEV)

Risk Information

CVSS v2

Base Score: 9

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 8.4

Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H

Severity: High

CVSS v4

Base Score: 9.3

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Severity: Critical

EPSS

EPSS: 0.83951

Vulnerability Watch

Tenable Research has classified this CVE under the following Vulnerability Watch classification, which includes active and historical (inactive) classifications. You can learn more about these classifications on our blog.

Vulnerability of Concern