ConnectWise Releases Critical Security Update for ScreenConnect


ConnectWise has released a security update addressing two vulnerabilities in on-premise ScreenConnect deployments.

The update addresses a critical authentication bypass vulnerability with a CVSSv3 score of 10 and a path traversal vulnerability with a CVSSv3 score of 8.4. A remote unauthenticated attacker could exploit these vulnerabilities to read arbitrary files, gain root access on the underlying operating system, and execute arbitrary code.

Read more…
Source: NHS Digital