The Australian Cyber Security Centre says patch now to avoid active exploitation of path traversal and authentication bypass vulnerabilities.
The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) has released a critical alert regarding a vulnerability in ConnectWise’s ScreenConnect software.
The bug impacts version 23.9.7 and earlier and is present on every platform the remote desktop application runs on.
The vulnerability in question, tracked as CVE-2024-1709, could allow a threat actor to create an account with admin privileges and then run arbitrary code.
The ACSC recommends that ScreenConnect users watch for newly created admin accounts and update to a patched version as soon as possible.
Worryingly, ConnectWise has been aware of active exploitation of the vulnerability since it was first reported on 13 February.
“We’ve received notifications of suspicious activity that our incident response team has investigated,” ConnectWise said in a security bulletin. “The following IP addresses were used by threat actors. We are making them available for protection and defence.”
Suspicious IPs:
155.133.5.15
155.133.5.14
118.69.65.60
ConnectWise said it “will continue to update with any further information as it becomes available”.
The issue is trickier for the many organisations using ScreenConnect that are no longer “under maintenance”, but ConnectWise has a workaround.
“ConnectWise has taken an exception step to support partners no longer under maintenance by making them eligible to install version 22.4 at no additional cost, which will fix CVE-2024-1709, the critical vulnerability,” ConnectWise said.
“However, this should be treated as an interim step. ConnectWise recommends on-premise partners upgrade to remain within maintenance to gain access to all security and product enhancements.”
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.