all InfoSec news
Critical ScreenConnect Flaw Under Active Exploitation
Malware Analysis, News and Indicators - Latest topics malware.news
Attackers are actively exploiting the critical authentication bypass in the ConnectWise ScreenConnect software disclosed on Monday and there is now proof-of-concept exploit code available for the flaw, as well.
The flaw affects all versions of ScreenConnect below 23.9.8 and researchers who’ve analyzed it found that the bug is quite easy to exploit, and there are reports of confirmed exploitation of vulnerable instances by several research and incident response teams. The Shadowserver Foundation has identified about 3,800 vulnerable instances of ScreenConnect …
attackers authentication authentication bypass bug bypass code concept connectwise critical easy exploit exploitation exploit code exploiting flaw found monday proof proof-of-concept researchers screenconnect software under