Understanding the ConnectWise ScreenConnect CVE-2024-1709 & CVE-2024-1708 | Huntress
Tags
attack-pattern: Credentials - T1589.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Vulnerabilities - T1588.006
Show in Graph
Common Information
Type Value
UUID 6981547d-07cb-49d9-96b6-a12a142a81a8
Fingerprint ac0f18f0e9a6ec83
Analysis status DONE
Considered CTI value 0
Text language
Published Feb. 19, 2024, midnight
Added to db Aug. 31, 2024, 9:41 a.m.
Last updated Nov. 7, 2024, 2:51 p.m.
Headline A Catastrophe For Control: Understanding the ScreenConnect Authentication Bypass (CVE-2024-1709 & CVE-2024-1708)
Title Understanding the ConnectWise ScreenConnect CVE-2024-1709 & CVE-2024-1708 | Huntress
Detected Hints/Tags/Attributes 36/1/7
Source URLs
Redirection Url
Details Source https://www.huntress.com/blog/a-catastrophe-for-control-understanding-the-screenconnect-authentication-bypass
URL Provider
Details Provider Source level domain
Details huntress.com www.huntress.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 318 Huntress Blog https://www.huntress.com/blog/rss.xml 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 29 
cve-2024-1709
Details CVE 25 
cve-2024-1708
Details File 6 
setupwizard.aspx
Details File 11 
web.dll
Details File 1 
something.aspx
Details File 3 
screenconnect.core
Details File 5 
server.dll