ConnectWise patches new flaw allowing ScreenConnect hijacking
Summary
ConnectWise has released a patch for a critical vulnerability in its ScreenConnect remote access software. The flaw, a cryptographic signature verification issue, could allow attackers to gain unauthorized access and escalate privileges on affected systems. The company is urging all ScreenConnect customers to update their software immediately to mitigate the risk.
IFF Assessment
This vulnerability allows attackers to hijack ScreenConnect, a tool often used by IT professionals for legitimate remote management, turning it into a powerful attack vector for unauthorized access and privilege escalation.
Severity
Defender Context
This highlights the critical need for prompt patching of remote access software, as vulnerabilities in these tools can provide attackers with direct access to an organization's network. Defenders should monitor for indicators of compromise related to ScreenConnect and ensure all managed endpoints are running the latest security updates.