all InfoSec news
ConnectWise ScreenConnect Vulnerabilities (CVE-2024-1708 and CVE-2024-1709)
May 7, 2024, 3:26 a.m. |
FortiGuard Labs | FortiGuard Center - Threat Signal Report fortiguard.fortinet.com
On February 19, 2024, ConnectWise published a security advisory for their remote desktop application software called ScreenConnect. One of the flaws, CVE-2024-1709 is an authentication bypass vulnerability that could let attackers gain administrative access to a ScreenConnect instance. That vulnerability has a public proof-of-concept (PoC) available and recently been added to CISA's known exploited catalog. The second flaw tracked as CVE-2024-1708 is a path traversal vulnerability that may allow an attacker to execute remote code.
What …
access advisory application attackers authentication authentication bypass bypass bypass vulnerability called concept connectwise connectwise screenconnect cve cve-2024 cve-2024-1708 cve-2024-1709 desktop desktop application february flaws instance poc proof proof-of-concept public remote desktop screenconnect security security advisory software vulnerabilities vulnerability what is
More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - Threat Signal Report
Tinyproxy use-after-free Vulnerability (CVE-2023-49606)
1 week, 2 days ago |
fortiguard.fortinet.com
Jobs in InfoSec / Cybersecurity
Information Security Engineers
@ D. E. Shaw Research | New York City
Technology Security Analyst
@ Halton Region | Oakville, Ontario, Canada
Senior Cyber Security Analyst
@ Valley Water | San Jose, CA
Security Operations Manager-West Coast
@ The Walt Disney Company | USA - CA - 2500 Broadway Street
Vulnerability Analyst - Remote (WFH)
@ Cognitive Medical Systems | Phoenix, AZ, US | Oak Ridge, TN, US | Austin, TX, US | Oregon, US | Austin, TX, US
Senior Mainframe Security Administrator
@ Danske Bank | Copenhagen V, Denmark