CISA KEV 정보
| 취약점명 | ConnectWise ScreenConnect Authentication Bypass Vulnerability |
|---|---|
| 설명 | ConnectWise ScreenConnect contains an authentication bypass vulnerability that allows an attacker with network access to the management interface to create a new, administrator-level account on affected devices. |
| 조치사항 | Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. |
| 랜섬웨어 캠페인 악용 | Known |
| CWE | CWE-288 |
| 등록일 (KEV) | 2024-02-22 |
| 조치 기한 | 2024-02-29 |
| 추가 참고 | https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8; https://nvd.nist.gov/vuln/detail/CVE-2024-1709 |
NVD 상세 정보
CVSS v3.1: 10.0 CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H설명: ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an Alternate Path or Channel vulnerability, which may allow an attacker direct access to confidential information or critical systems.
CWE: CWE-288
참조
- https://github.com/rapid7/metasploit-framework/pull/18870 [Issue Tracking, Patch, Third Party Advisory]
- https://github.com/watchtowrlabs/connectwise-screenconnect_auth-bypass-add-user-poc [Exploit, Third Party Advisory]
- https://techcrunch.com/2024/02/21/researchers-warn-high-risk-connectwise-flaw-under-attack-is-embarrassingly-easy-to-exploit/ [Press/Media Coverage, Third Party Advisory]
- https://www.bleepingcomputer.com/news/security/connectwise-urges-screenconnect-admins-to-patch-critical-rce-flaw/ [Press/Media Coverage, Third Party Advisory]
- https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8 [Vendor Advisory]
- https://www.horizon3.ai/attack-research/red-team/connectwise-screenconnect-auth-bypass-deep-dive/ [Third Party Advisory]
- https://www.huntress.com/blog/a-catastrophe-for-control-understanding-the-screenconnect-authentication-bypass [Exploit, Third Party Advisory]
- https://www.huntress.com/blog/detection-guidance-for-connectwise-cwe-288-2 [Exploit, Third Party Advisory]
- https://www.huntress.com/blog/vulnerability-reproduced-immediately-patch-screenconnect-23-9-8 [Third Party Advisory]
- https://www.securityweek.com/connectwise-confirms-screenconnect-flaw-under-active-exploitation/ [Press/Media Coverage, Third Party Advisory]
- https://github.com/rapid7/metasploit-framework/pull/18870 [Issue Tracking, Patch, Third Party Advisory]
- https://github.com/watchtowrlabs/connectwise-screenconnect_auth-bypass-add-user-poc [Exploit, Third Party Advisory]
- https://techcrunch.com/2024/02/21/researchers-warn-high-risk-connectwise-flaw-under-attack-is-embarrassingly-easy-to-exploit/ [Press/Media Coverage, Third Party Advisory]
- https://www.bleepingcomputer.com/news/security/connectwise-urges-screenconnect-admins-to-patch-critical-rce-flaw/ [Press/Media Coverage, Third Party Advisory]
- https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8 [Vendor Advisory]
- ... 외 6건
This product uses the NVD API but is not endorsed or certified by the NVD.