all InfoSec news
ConnectWise ScreenConnect Vulnerabilities (CVE-2024-1708 and CVE-2024-1709)
Feb. 26, 2024, 5:43 p.m. |
FortiGuard Labs | FortiGuard Center - Threat Signal Report fortiguard.fortinet.com
On February 19, 2024, ConnectWise published a security advisory for their remote desktop application software called ScreenConnect. One of the flaws, CVE-2024-1709 is an authentication bypass vulnerability that could let attackers gain administrative access to a ScreenConnect instance. That vulnerability has a public proof-of-concept (PoC) available and recently been added to CISA's known exploited catalog. The second flaw tracked as CVE-2024-1708 is a path traversal vulnerability that may allow an attacker to execute remote code.
What …
access advisory application attackers authentication authentication bypass bypass bypass vulnerability called concept connectwise connectwise screenconnect cve cve-2024-1708 cve-2024-1709 desktop desktop application february flaws instance poc proof proof-of-concept public remote desktop screenconnect security security advisory software vulnerabilities vulnerability what is
More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - Threat Signal Report
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Director, Cybersecurity - Governance, Risk and Compliance (GRC)
@ Stanley Black & Decker | New Britain CT USA - 1000 Stanley Dr
Information Security Risk Metrics Lead
@ Live Nation Entertainment | Work At Home-Connecticut
IT Product Owner - Enterprise DevSec Platform (d/f/m)
@ Airbus | Hamburg - Finkenwerder
Senior Information Security Specialist
@ Arthur Grand Technologies Inc | Arlington, VA, United States
Information Security Controls SME
@ Sword | Aberdeen, Scotland, United Kingdom