virus logo Threat Signal Report

ConnectWise ScreenConnect Vulnerabilities

What is the Vulnerability?

On February 19, 2024, ConnectWise published a security advisory for their remote desktop application software called ScreenConnect. One of the flaws, CVE-2024-1709 is an authentication bypass vulnerability that could let attackers gain administrative access to a ScreenConnect instance. That vulnerability has a public proof-of-concept (PoC) available and recently been added to CISA's known exploited catalog. The second flaw tracked as CVE-2024-1708 is a path traversal vulnerability that may allow an attacker to execute remote code.

What is the Vendor Solution?

ConnectWise has released a patch covering both vulnerabilities. [ Link ]

What FortiGuard Coverage is available?

FortiGuard Labs has released endpoint vulnerability signatures to detect vulnerable systems running on the network.
FortiGuard Labs recommends companies to apply the most recent upgrade or patch from the vendor as soon as possible.

description-logoOutbreak Alert

Threat actors including ransomware gangs are seen exploiting newly discovered critical flaws in remote monitoring and management software called ScreenConnect.

View the full Outbreak Alert Report

A new alert from CISA, the FBI, the Department of Health and Human Services (HHS), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) reveals that Black Basta affiliates have attacked 12 of the 16 critical infrastructure sectors, including healthcare organizations.

View the full Outbreak Alert Report

Additional Resources

Connectwise (Advisory and Mitigation)


Released Date Feb 22, 2024
Tags ConnectWise ScreenConnect Attack Black Basta Ransomware Threat Signal Vulnerability
CVE ID

Experienced a Breach? We're here to help

FortiGuard Incident Response Services
FortiGuard Incident Response Services
Outbreak Alert Outbreak Alert
About FortiGuard Threat Signal

Learn More »