www.connectwise.com Open in urlscan Pro
2606:4700:4400::6812:2188  Public Scan

URL: https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8
Submission: On February 28 via api from IN — Scanned from DE

Form analysis 4 forms found in the DOM

/search

<form class="site-header__search-form" action="/search" style="" __bizdiag="113" __biza="WJ__">
  <input type="search" name="q" placeholder="Search" autocomplete="off" autocorrect="off" autocapitalize="off" spellcheck="false" class="site-header__search-input" style="">
  <button class="site-header__search-submit" type="submit">
    <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 253.78 254.46">
      <path style="fill: #333;" class="cls-1"
        d="M252.25,224.44l-66.83-66.83a5.26,5.26,0,0,0-7.43,0l-.37.37-18.11-18.12a88.16,88.16,0,1,0-20.67,20.39L157.1,178.5l-.16.16a5.26,5.26,0,0,0,0,7.43l66.83,66.83a5.24,5.24,0,0,0,7.42,0l21.06-21A5.26,5.26,0,0,0,252.25,224.44ZM24,88.16a64.16,64.16,0,1,1,64.16,64.15A64.23,64.23,0,0,1,24,88.16Z">
      </path>
    </svg>
  </button>
</form>

/search

<form class="site-header__search-form site-header__search-form--desktop" action="/search" data-search-url="/search" style="" __bizdiag="113" __biza="WJ__">
  <a href="#" id="activateSearch" title="Search">




    <img src="/globalassets/media/icons/site/grym/search.png" alt="">

                                </a>
  <div class="site-header__search-input-wrapper">
    <input type="search" name="q" placeholder="Search" autocomplete="off" autocorrect="off" autocapitalize="off" spellcheck="false" class="site-header__search-input site-header__search-input--desktop" style="" aria-expanded="false">
  </div>
  <button class="site-header__search-submit" type="submit" title="Search">
    <img src="/globalassets/media/icons/site/grym/search.png" alt="">
  </button>
</form>

<form class="mktoForm mktoHasWidth mktoLayoutLeft" data-form-id="1301" data-poi="" data-page-source="" data-campaign-code="" data-gclid="" data-zoom-info="" __bizdiag="-1839851753" __biza="WJ__" id="mktoForm_1301" novalidate="novalidate"
  style="font-family: Helvetica, Arial, sans-serif; font-size: 13px; color: rgb(51, 51, 51); width: 1601px;">
  <div class="mktoFormRow">
    <div class="mktoFieldDescriptor mktoFormCol" style="margin-bottom: 10px;">
      <div class="mktoFieldWrap mktoRequiredField"><input id="Email" name="Email" maxlength="255" aria-labelledby="LblEmail InstructEmail" type="email" class="mktoField mktoEmailField mktoHasWidth mktoRequired" aria-required="true"
          style="width: 150px;" placeholder="Business Email Address"></div>
    </div>
  </div>
  <div class="mktoFormRow mktoFormRowHidden">
    <div class="mktoFieldDescriptor mktoFormCol" style="margin-bottom: 10px;">
      <div class="mktoFieldWrap mktoRequiredField"><select id="Country" name="Country" aria-labelledby="LblCountry InstructCountry" class="mktoField mktoHasWidth mktoRequired" aria-required="true" style="width: 150px;">
          <option value="">Country</option>
          <option value="AF">Afghanistan</option>
          <option value="AL">Albania</option>
          <option value="DZ">Algeria</option>
          <option value="AX">Aland Islands</option>
          <option value="AS">American Samoa</option>
          <option value="AI">Anguilla</option>
          <option value="AD">Andorra</option>
          <option value="AO">Angola</option>
          <option value="AN">Antilles - Netherlands</option>
          <option value="AG">Antigua and Barbuda</option>
          <option value="AQ">Antarctica</option>
          <option value="AR">Argentina</option>
          <option value="AM">Armenia</option>
          <option value="AU">Australia</option>
          <option value="AT">Austria</option>
          <option value="AW">Aruba</option>
          <option value="AZ">Azerbaijan</option>
          <option value="BA">Bosnia and Herzegovina</option>
          <option value="BB">Barbados</option>
          <option value="BD">Bangladesh</option>
          <option value="BE">Belgium</option>
          <option value="BF">Burkina Faso</option>
          <option value="BG">Bulgaria</option>
          <option value="BH">Bahrain</option>
          <option value="BI">Burundi</option>
          <option value="BJ">Benin</option>
          <option value="BM">Bermuda</option>
          <option value="BN">Brunei Darussalam</option>
          <option value="BO">Bolivia</option>
          <option value="BR">Brazil</option>
          <option value="BS">Bahamas</option>
          <option value="BT">Bhutan</option>
          <option value="BV">Bouvet Island</option>
          <option value="BW">Botswana</option>
          <option value="BV">Belarus</option>
          <option value="BZ">Belize</option>
          <option value="KH">Cambodia</option>
          <option value="CM">Cameroon</option>
          <option value="CA">Canada</option>
          <option value="CV">Cape Verde</option>
          <option value="CF">Central African Republic</option>
          <option value="TD">Chad</option>
          <option value="CL">Chile</option>
          <option value="CN">China</option>
          <option value="CX">Christmas Island</option>
          <option value="CC">Cocos Islands</option>
          <option value="CO">Colombia</option>
          <option value="CG">Congo</option>
          <option value="CI">Ivory Coast</option>
          <option value="CK">Cook Islands</option>
          <option value="CR">Costa Rica</option>
          <option value="HR">Croatia</option>
          <option value="CY">Cyprus</option>
          <option value="CZ">Czech Republic</option>
          <option value="CD">Democratic Republic of the Congo</option>
          <option value="DJ">Djibouti</option>
          <option value="DK">Denmark</option>
          <option value="DM">Dominica</option>
          <option value="DO">Dominican Republic</option>
          <option value="EC">Ecuador</option>
          <option value="EG">Egypt</option>
          <option value="SV">El Salvador</option>
          <option value="TP">East Timor</option>
          <option value="EE">Estonia</option>
          <option value="GQ">Equatorial Guinea</option>
          <option value="ER">Eritrea</option>
          <option value="ET">Ethiopia</option>
          <option value="FI">Finland</option>
          <option value="FJ">Fiji</option>
          <option value="FK">Falkland Islands</option>
          <option value="FM">Federated States of Micronesia</option>
          <option value="FO">Faroe Islands</option>
          <option value="FR">France</option>
          <option value="GF">French Guiana</option>
          <option value="PF">French Polynesia</option>
          <option value="GA">Gabon</option>
          <option value="GM">Gambia</option>
          <option value="DE">Germany</option>
          <option value="GH">Ghana</option>
          <option value="GI">Gibraltar</option>
          <option value="GB">Great Britain</option>
          <option value="GD">Grenada</option>
          <option value="GE">Georgia</option>
          <option value="GR">Greece</option>
          <option value="GL">Greenland</option>
          <option value="GN">Guinea</option>
          <option value="GP">Guadeloupe</option>
          <option value="GS">S. Georgia and S. Sandwich Islands</option>
          <option value="GT">Guatemala</option>
          <option value="GU">Guam</option>
          <option value="GW">Guinea-Bissau</option>
          <option value="GY">Guyana</option>
          <option value="HK">Hong Kong</option>
          <option value="HM">Heard Island and McDonald Islands</option>
          <option value="HN">Honduras</option>
          <option value="HT">Haiti</option>
          <option value="HU">Hungary</option>
          <option value="ID">Indonesia</option>
          <option value="IE">Ireland</option>
          <option value="IL">Israel</option>
          <option value="IN">India</option>
          <option value="IO">British Indian Ocean Territory</option>
          <option value="IQ">Iraq</option>
          <option value="IT">Italy</option>
          <option value="JM">Jamaica</option>
          <option value="JO">Jordan</option>
          <option value="JP">Japan</option>
          <option value="KE">Kenya</option>
          <option value="KG">Kyrgyzstan</option>
          <option value="KI">Kiribati</option>
          <option value="KM">Comoros</option>
          <option value="KN">Saint Kitts and Nevis</option>
          <option value="KR">Korea South</option>
          <option value="KW">Kuwait</option>
          <option value="KY">Cayman Islands</option>
          <option value="KZ">Kazakhstan</option>
          <option value="LA">Laos</option>
          <option value="LB">Lebanon</option>
          <option value="LC">Saint Lucia</option>
          <option value="LI">Liechtenstein</option>
          <option value="LK">Sri Lanka</option>
          <option value="LR">Liberia</option>
          <option value="LS">Lesotho</option>
          <option value="LT">Lithuania</option>
          <option value="LU">Luxembourg</option>
          <option value="LV">Latvia</option>
          <option value="LY">Libya</option>
          <option value="MK">Macedonia</option>
          <option value="MO">Macao</option>
          <option value="MG">Madagascar</option>
          <option value="MY">Malaysia</option>
          <option value="ML">Mali</option>
          <option value="MW">Malawi</option>
          <option value="MR">Mauritania</option>
          <option value="MH">Marshall Islands</option>
          <option value="MQ">Martinique</option>
          <option value="MU">Mauritius</option>
          <option value="YT">Mayotte</option>
          <option value="MT">Malta</option>
          <option value="MX">Mexico</option>
          <option value="MA">Morocco</option>
          <option value="MC">Monaco</option>
          <option value="MD">Moldova</option>
          <option value="MN">Mongolia</option>
          <option value="MM">Myanmar</option>
          <option value="MP">Northern Mariana Islands</option>
          <option value="MS">Montserrat</option>
          <option value="MV">Maldives</option>
          <option value="MZ">Mozambique</option>
          <option value="NA">Namibia</option>
          <option value="NC">New Caledonia</option>
          <option value="NE">Niger</option>
          <option value="NF">Norfolk Island</option>
          <option value="NG">Nigeria</option>
          <option value="NI">Nicaragua</option>
          <option value="NL">Netherlands</option>
          <option value="NO">Norway</option>
          <option value="NP">Nepal</option>
          <option value="NR">Nauru</option>
          <option value="NU">Niue</option>
          <option value="NZ">New Zealand</option>
          <option value="OM">Oman</option>
          <option value="PA">Panama</option>
          <option value="PE">Peru</option>
          <option value="PG">Papua New Guinea</option>
          <option value="PH">Philippines</option>
          <option value="PK">Pakistan</option>
          <option value="PL">Poland</option>
          <option value="PM">Saint Pierre and Miquelon</option>
          <option value="CS">Serbia and Montenegro</option>
          <option value="PN">Pitcairn</option>
          <option value="PR">Puerto Rico</option>
          <option value="PS">Palestinian Territory</option>
          <option value="PT">Portugal</option>
          <option value="PW">Palau</option>
          <option value="PY">Paraguay</option>
          <option value="QA">Qatar</option>
          <option value="RE">Reunion</option>
          <option value="RO">Romania</option>
          <option value="RU">Russian Federation</option>
          <option value="RW">Rwanda</option>
          <option value="SA">Saudi Arabia</option>
          <option value="WS">Samoa</option>
          <option value="SH">Saint Helena</option>
          <option value="VC">Saint Vincent and the Grenadines</option>
          <option value="SM">San Marino</option>
          <option value="ST">Sao Tome and Principe</option>
          <option value="SN">Senegal</option>
          <option value="SC">Seychelles</option>
          <option value="SL">Sierra Leone</option>
          <option value="SG">Singapore</option>
          <option value="SK">Slovakia</option>
          <option value="SI">Slovenia</option>
          <option value="SB">Solomon Islands</option>
          <option value="SO">Somalia</option>
          <option value="ZA">South Africa</option>
          <option value="ES">Spain</option>
          <option value="SD">Sudan</option>
          <option value="SR">Suriname</option>
          <option value="SJ">Svalbard and Jan Mayen</option>
          <option value="SE">Sweden</option>
          <option value="CH">Switzerland</option>
          <option value="SZ">Swaziland</option>
          <option value="TW">Taiwan</option>
          <option value="TZ">Tanzania</option>
          <option value="TJ">Tajikistan</option>
          <option value="TH">Thailand</option>
          <option value="TL">Timor-Leste</option>
          <option value="TG">Togo</option>
          <option value="TK">Tokelau</option>
          <option value="TO">Tonga</option>
          <option value="TT">Trinidad and Tobago</option>
          <option value="TN">Tunisia</option>
          <option value="TR">Turkey</option>
          <option value="TM">Turkmenistan</option>
          <option value="TC">Turks and Caicos Islands</option>
          <option value="TV">Tuvalu</option>
          <option value="UA">Ukraine</option>
          <option value="UG">Uganda</option>
          <option value="AE">United Arab Emirates</option>
          <option value="UK">United Kingdom</option>
          <option value="US">United States</option>
          <option value="UM">United States Minor Outlying Islands</option>
          <option value="UY">Uruguay</option>
          <option value="UZ">Uzbekistan</option>
          <option value="VU">Vanuatu</option>
          <option value="VA">Vatican City State</option>
          <option value="VE">Venezuela</option>
          <option value="VG">Virgin Islands</option>
          <option value="VI">Virgin Islands</option>
          <option value="VN">Viet Nam</option>
          <option value="WF">Wallis and Futuna</option>
          <option value="EH">Western Sahara</option>
          <option value="YE">Yemen</option>
          <option value="ZM">Zambia</option>
          <option value="ZW">Zimbabwe</option>
        </select></div>
    </div>
  </div>
  <div class="mktoButtonRow"><span class="mktoButtonWrap mktoSimple" style="margin-left: 120px;"><button type="submit" class="mktoButton">Submit</button></span></div><input type="hidden" name="formid" class="mktoField mktoFieldDescriptor"
    value="1301"><input type="hidden" name="munchkinId" class="mktoField mktoFieldDescriptor" value="417-HWY-826">
  <div class="mktoFormRow mktoFormRowHidden"><input type="hidden" name="Jigsaw" class="mktoField mktoFieldDescriptor mktoFormCol" value="" style="margin-bottom: 10px;"></div>
  <div class="mktoFormRow mktoFormRowHidden"><input type="hidden" name="mKTOProductInterest" class="mktoField mktoFieldDescriptor mktoFormCol" value="" style="margin-bottom: 10px;"></div>
  <div class="mktoFormRow mktoFormRowHidden"><input type="hidden" name="pageSource" class="mktoField mktoFieldDescriptor mktoFormCol" value="" style="margin-bottom: 10px;"></div>
  <div class="mktoFormRow mktoFormRowHidden"><input type="hidden" name="campaignCodeMostRecent" class="mktoField mktoFieldDescriptor mktoFormCol" value="" style="margin-bottom: 10px;"></div>
  <div class="mktoFormRow mktoFormRowHidden"><input type="hidden" name="utmcampaign" class="mktoField mktoFieldDescriptor mktoFormCol" value="" style="margin-bottom: 10px;"></div>
  <div class="mktoFormRow mktoFormRowHidden"><input type="hidden" name="utmcontent" class="mktoField mktoFieldDescriptor mktoFormCol" value="" style="margin-bottom: 10px;"></div>
  <div class="mktoFormRow mktoFormRowHidden"><input type="hidden" name="utmmedium" class="mktoField mktoFieldDescriptor mktoFormCol" value="" style="margin-bottom: 10px;"></div>
  <div class="mktoFormRow mktoFormRowHidden"><input type="hidden" name="utmsource" class="mktoField mktoFieldDescriptor mktoFormCol" value="" style="margin-bottom: 10px;"></div>
  <div class="mktoFormRow mktoFormRowHidden"><input type="hidden" name="utmterm" class="mktoField mktoFieldDescriptor mktoFormCol" value="" style="margin-bottom: 10px;"></div>
  <div class="mktoFormRow mktoFormRowHidden"><input type="hidden" name="referringURL" class="mktoField mktoFieldDescriptor mktoFormCol" value="" style="margin-bottom: 10px;"></div>
  <div class="mktoFormRow mktoFormRowHidden"><input type="hidden" name="CWS_GCLID__c" class="mktoField mktoFieldDescriptor mktoFormCol" value="" style="margin-bottom: 10px;"></div>
  <div class="mktoFormRow mktoFormRowHidden"><input type="hidden" name="ga_cid__c" class="mktoField mktoFieldDescriptor mktoFormCol" value="" style="margin-bottom: 10px;"></div>
</form>

<form class="mktoForm mktoHasWidth mktoLayoutLeft" data-form-id="1301" data-poi="" data-page-source="" data-campaign-code="" data-gclid="" data-zoom-info="" __bizdiag="-1839851753" __biza="WJ__" novalidate="novalidate"
  style="font-family: Helvetica, Arial, sans-serif; font-size: 13px; color: rgb(51, 51, 51); visibility: hidden; position: absolute; top: -500px; left: -1000px; width: 1600px;"></form>

Text Content

___

Skip to main content
 * Contact Us
 * Sign In

 * 
   SOLUTIONS
   Cybersecurity Management
   Everything you need to protect your clients’ most critical business assets
    * MDR
      Address the growing frequency, type, and severity of cyber threats against
      SMB endpoints
    * SIEM
      Centralize threat visibility and analysis, backed by cutting-edge threat
      intelligence
    * Risk Assessment & Vulnerability Management
      Identify unknown cyber risks and routinely scan for vulnerabilities
    * Identity Management
      Secure and streamline client access to devices and applications with
      strong authentication and SSO
    * Cloud App Security
      Monitor and manage SaaS security risks for the entire Microsoft 365
      environment.
    * SASE
      Zero trust secure access for users, locations, and devices
    * Enterprise-grade SOC
      Provide 24/7 threat monitoring and response backed by proprietary threat
      research and intelligence and certified cyber experts
    * Policy Management
      Create, deploy, and manage client security policies and profiles
    * Incident Response Service
      On-tap cyber experts to address critical security incidents
    * Cybersecurity Glossary
      Guide to the most common, important terms in the industry
      * What is cybersecurity?
        Everything you need to know - from our experts.
   
   See All Cybersecurity Management solutions >>
   Unified Monitoring & Management
   Monitor, troubleshoot and backup customer endpoints and data.
    * RMM
      Monitor and manage your client’s networks the way you want - hands-on,
      automated or both.
      * Best PSA/RMM Vendor
        CPI US MSP Innovation Awards 2022
    * BCDR
      Keep your client’s at ease with backup and disaster recovery you can
      trust.
    * ScreenConnect
      Remotely access and support any device, anywhere, any time.
    * Access Management
      Eliminate shared admin passwords and protect customers from security
      threats.
    * NOC Services
      24/7/365 network operations center of expert technicians at your service.
    * Automate
      Powerful RMM for next-level IT support
   
   All Unified Monitoring & Management solutions >>
   Business Management
   Efficiently run your TSP business with integrated front and back office
   solutions.
    * PSA
      Professional services automation designed to run your as-a-service
      business.
      * Best PSA/RMM Vendor
        CPI US MSP Innovation Awards 2022
    * CPQ
      Advanced quote and proposal automation to streamline your quoting.
    * Dashboards & KPIs by BrightGauge
      KPI dashboards and reporting for real-time business insights.
    * IT Documentation by ITBoost
      Centralized, intuitive IT documentation.
    * Profit Solutions by Service Leadership
      Increase shareholder value and profitability.
    * SmileBack
      Customer Service Feedback For MSPs
    * Business Management Packages
      Optimize your business operations through curated packages designed to
      streamline, standardize, and automate your business processes.
   
   All Business Management solutions >>
   Integrated Expert Services
   Solve staffing issues with managed services to support your team and clients.
    * Help Desk Services
      Consistent, scalable, and high-quality help-desk services with trained
      technicians.
    * Dedicated Technician
      Technical expertise and personalized support to scale your staff.
    * Project Assistance
      On-demand technical expertise
    * NOC Services
      24/7/365 network operations center of expert technicians at your service.
    * SOC Services
      24/7/365 threat monitoring and response in our security operations center.
    * Incident Response Service
      On-tap cyber experts to address critical security incidents
   
   All Integrated Services Solutions >>
   The Asio™ Platform
   Automate more, revolutionize efficiency, and grow business faster with a
   platform built for TSP’s.
    * ConnectWise Sidekick
      Accelerate team productivity and increase customer satisfaction through
      generative AI functionality.
    * RPA
      Save time and resources through easy to use workflows and automate
      repetitive processes to make your team more efficient.
   
   Asio™ Overview >>
   Solution Marketplace >>
 * 
   WHY CONNECTWISE
   TSP SOLUTIONS
    * Managed Services Provider (MSP)
    * Managed Security Solutions Provider (MSSP)
    * Value Added Reseller (VAR)
    * Office Technology Dealer
    * Internal IT
    * Partner Success Stories
    * What We Offer
   
   COMMUNITY
    * The IT Nation
    * Events
    * IT Industry Conference
    * Cybersecurity Conference
    * User Groups
    * Peer Groups
    * Online Community
   
   SECURITY FOCUSED
    * Cybersecurity Center
    * Cyber Research Unit
    * Trust Center
    * Security Bulletins
    * Partner Program
   
   IT NATION SECURE
   
 * 
   RESOURCES
   LEARN + GROW
    * Resource Center
    * Events
    * Webinars
    * Podcasts
    * Blog
    * Modes Theory™
      Identify where you are, where you want to go, and how to get there
    * ConnectWise Certify
      TSP training & professional development certifications
   
   EXPLORE SOLUTIONS
    * Start a Trial
    * Register for a Live Demo
    * Watch On-Demand Demos
    * Request a Quote
   
   Best PSA/RMM Vendor
   CPI US MSP Innovation Awards 2022
   
 * 
   COMPANY
   ABOUT
    * What Makes Us Different
    * Mission & Vision
    * History
    * Leadership
    * Board of Directors
   
   COMPANY UPDATES
    * Awards
    * Press Room
    * Philanthropy
    * Careers
    * Contact Us
   
   

Sign In
NEW! Advisories Try For Free
 1. Home
 2. Company
 3. Trust Center
 4. Security Bulletins
 5. ConnectWise ScreenConnect 23.9.8 security fix


CONNECTWISE SCREENCONNECT 23.9.8 SECURITY FIX

02/19/2024
Products: ScreenConnect
Severity: Critical
Priority: 1 - High
February 27, 2024 update: 
 
Cloud partner summary:
Cloud partners are remediated against both vulnerabilities reported on February
19. No further action is required from any cloud partner (“screenconnect.com”
cloud and “hostedrmm.com”).
 
On-prem partner summary:

On-prem partners are advised to immediately upgrade to the latest version of
ScreenConnect to remediate against reported vulnerabilities.

Active maintenance
If you are on active maintenance, we strongly recommend upgrading to the most
current release of 23.9.8 or later. Using the most current release of
ScreenConnect includes security updates, bug fixes, and enhancements not found
in older releases.

Off maintenance
ConnectWise has provided a patched version of 22.4.20001 available to any
partner regardless of maintenance status as an interim step to mitigate the
vulnerability. If you are not currently under maintenance, please upgrade your
servers to version 22.4.20001 at minimum or to your latest eligible patched
version that includes the remediation for CVE-2024-1709. 

(Updated) Addressing license errors: If a license error arises during the
upgrade, please stop the four ScreenConnect services (Session Manager, Security
Manager, Web Server, Relay), move the “License.xml” file from the installation
folder “C:\Program Files (x86)\ScreenConnect\App_Data\License.xml” to another
location such as Desktop, and proceed with the upgrade. After the upgrade is
complete, the license key will need to be re-added by stopping the four services
and dropping the file back into the App_Data folder.

 


ACTIVE ADVISORY

 * ScreenConnect vulnerability CWE-288
 * ScreenConnect 23.9.8 security bulletin
 * How to upgrade on-premise installation
 * Download patch
 * FAQ


HELPFUL LINKS

 * Advisories RSS feed link
 * Chrome RSS feed extension
 * Visit our Trust Center
 * See latest security bulletins
 * Check status.connectwise.com
 * Call 1-888-WISE911 to report a security vulnerabillity
 * Email help@connectwise.com
 * Login and open a ticket on ConnectWise Home
 * Update/check my email preferences

 
February 23, 2024 update: 
 
ICYMI: ConnectWise has taken an exception step to support partners no longer
under maintenance by making them eligible to install version 22.4 at no
additional cost, which will fix CVE-2024-1709, the critical vulnerability.
However, this should be treated as an interim step. ConnectWise recommends
on-premise partners upgrade to remain within maintenance  to gain access to all
security and product enhancements.
 
February 22, 2024 update: 

ConnectWise recommends on-premise partners immediately update to 23.9.8 or
higher to remediate reported vulnerabilities.  

ConnectWise has rolled out an additional mitigation step for unpatched,
on-premise users that suspends an instance if it is not on version 23.9.8 or
later. If your instance is found to be on an outdated version, an alert will be
sent with instructions on how to perform the necessary actions to release the
server. 

To upgrade your version to our latest 23.9 release, please follow this upgrade
path: 

2.1 → 2.5 → 3.1 → 4.4 → 5.4 → 19.2 → 22.8 → 23.3 → 23.9 

If you need any assistance or have additional questions, please go online to
ConnectWise Home and open a case with our support team or email
help@connectwise.com.

February 21, 2024 update*: 

Cloud partner summary: Cloud partners are remediated against both
vulnerabilities reported on February 19. No further action is required from any
cloud partner (“screenconnect.com” cloud and “hostedrmm.com”).

On-Prem partner summary: On-prem partners are advised to immediately upgrade to
the latest version of ScreenConnect to remediate against reported
vulnerabilities.

Today, ScreenConnect version 23.9.10.8817 was released containing a number of
fixes to improve customer experience. It is always recommended to be on the
latest version but 23.9.8 is the minimum version that remediated the reported
vulnerabilities.

As part of this release, ConnectWise has removed license restrictions, so
partners no longer under maintenance can upgrade to the latest version of
ScreenConnect.

*Please see the February 27, 2024 security bulletin update that clarifies
partners off maintenance can upgrade to 22.4.20001 (or a later eligible version)
to receive a patch to CVE-2024-1709. To get the current 23.9.8 or later release,
partners need to be on active maintenance. 

February 20, 2024 update: 

Indicators of compromise
Indicators of compromise (IOCs) look for malicious activity or threats. These
indicators can be incorporated into your cybersecurity monitoring platform. They
can help you stop a cyberattack that's in progress. Plus, you can use IOCs to
find ways to detect and stop ransomware, malware, and other cyberthreats before
they cause data breaches.

We've received notifications of suspicious activity that our incident response
team has investigated. The following IP addresses were used by threat actors. We
are making them available for protection and defense.

IOCs: 

 * 155.133.5.15
 * 155.133.5.14
 * 118.69.65.60

We will continue to update with any further information as it becomes
available. 

 

Original Bulletin:

Summary 

Vulnerabilities were reported February 13, 2024, through our vulnerability
disclosure channel via the ConnectWise Trust Center. There is no evidence that
these vulnerabilities have been exploited in the wild, but immediate action must
be taken by on-premise partners to address these identified security risks. 

Vulnerability 

 * CWE-288 Authentication bypass using an alternate path or channel 
 * CWE-22 Improper limitation of a pathname to a restricted directory (“path
   traversal”)  

 

CWE ID 

Description 

Base Score 

Vector 

CWE-288 

Authentication bypass using an alternate path or channel 

10 

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H 

CWE-22  

Improper limitation of a pathname to a restricted directory (“path traversal”) 

8.4 

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H  

 

Severity 

Critical—Vulnerabilities that could allow the ability to execute remote code or
directly impact confidential data or critical systems.

Priority  

1 High—Vulnerabilities that are either being targeted or have higher risk of
being targeted by exploits in the wild. Recommend installing updates as
emergency changes or as soon as possible (e.g., within days)  

Affected versions 

ScreenConnect 23.9.7 and prior 

Remediation 

Cloud 

There are no actions needed by the partner, ScreenConnect servers hosted in
“screenconnect.com” cloud or “hostedrmm.com” have been updated to remediate the
issue.  

On-premise 

Partners that are self-hosted or on-premise need to update their servers to
version 23.9.8 immediately to apply a patch. 

ConnectWise will also provide updated versions of releases 22.4 through 23.9.7
for the critical issue, but strongly recommend that partners update to
ScreenConnect version 23.9.8. 

For instructions on updating to the newest release, please reference this doc:
Upgrade an on-premise installation - ConnectWise 

Link to patch: Download | ConnectWise ScreenConnect™ 

faq


FAQS

Frequently asked questions
What happened?

A critical vulnerability, CVE-2024-1709, was reported by a security researcher
that allows anonymous attackers to exploit an authentication bypass flaw to
create admin accounts on publicly exposed instances. Essentially, a bad actor
could mimic the role as system admin, delete all other users and take over the
instance.

What is the current status of the vulnerability?

Cloud partners: Within 36 hours of confirming the CVE-2024-1709 vulnerability,
we applied a manual mitigation for all cloud partners (ConnectWise
ScreenConnect™, RMM and Automate/hosted RMM). Completing this action meant that
all cloud partners were protected without requiring any actions from the
partner. We then completed an upgrade for all ScreenConnect and Automate/hosted
RMM cloud partners to our latest 23.9 version, which applies further hardening
and reverts to our usual release process format. 

On-premise partners: A patch is available to partners who are self-hosted or
on-premise need to update their servers to version 23.9.8 immediately to apply a
patch. 

Link to patch: Download | ConnectWise ScreenConnect  

For instruction on updating to the newest release, please reference this doc:
Upgrade an on-premise installation - ConnectWise 

Who is at risk?

ConnectWise has taken an exception step to support partners no longer under
maintenance by making them eligible to install version 22.4 at no additional
cost, which will fix CVE-2024-1709, the critical vulnerability. However, this
should be treated as an interim step. ConnectWise recommends on-premise partners
upgrade to remain within maintenance  to gain access to all security and product
enhancements.

How can partners protect themselves?

There are many things that a partner can do to protect themselves. In this
situation, the most important thing you can do is patch your instances
immediately! 

What can partners do if they suspect they have been compromised?

If you suspect you have been compromised related to the recent ConnectWise
ScreenConnect™™ vulnerability (CVE-2024-1709), please follow the mitigation
steps below. 

 1. Upgrade ScreenConnect to the current 23.9.8 version immediately 

 * Please note, there is an upgrade path that must be followed 
   2.1 → 2.5 → 3.1 → 4.4 → 5.4 →19.2→22.8→23.3→ 23.9 
 * Click here to upgrade your on-premise installation 

2. If you receive a license error when upgrading, it may be due to a technical
problem on the server, or the license key itself may need to be renewed.  

 * If the upgrade cannot be completed, please delete the SetupWizard.aspx file
   out of the installation folder: C:\Program Files
   (x86)\ScreenConnect\SetupWizard.aspx 

3. Identify the issue  

 * When compromised, the User.xml file on the ScreenConnect™ instance is reset
   and replaced with a new file that contains only information about one new
   user 
   C:\Program Files (x86)\ScreenConnect™\App_Data\User.xml 
 * This file can be restored from a backup to get the original users back (if
   applicable) 
 * If you don’t have a user backup, the user file can be reset again by
   following the process outlined here.

4. Once you are able to log in, check for malicious commands/tools or
connections.  

 * Install the Report Manager extension on the Admin > Extensions page > Browse
   Extension Marketplace button 
 * Launch Report Manager from the Admin page > Extras menu (4x boxes lower left
   corner) > Report Manager 
 * There are pre-built reports that will export data as a CSV. All reports show
   the last 30 days of data by default (this is dependent on the database
   maintenance plans)  
 * Host Session Connections—shows all connections made to devices 
 * Queued Commands Example—shows all remote commands run against devices 
 * Queued Toolbox Items Example—shows all toolbox items that were queued up 

Report a security incident 

If you have questions or need to report a security or privacy incident, please
visit our ConnectWise Trust Center. You can also call our Partner InfoSec
Hotline at 1-888-WISE911 to report a non-active security incident or a security
vulnerability. 

How do I report a security incident?

If you have questions or need to report a security or privacy incident, please
visit our ConnectWise Trust Center. You can also call our Partner InfoSec
Hotline at 1-888-WISE911 to report a non-active security incident or a security
vulnerability. 

Where can partners go for more information and support?

If you need any assistance or have additional questions, please go online to
ConnectWise Home and open a case with our support team or email
help@connectwise.com. 

We are communicating in many platforms to make sure you stay informed. However,
our FAQ page will capture the latest questions that are frequently asked as this
evolves. If you do not find what you are looking for here, please go online to
our Trust Center for our advisories and bulletin pages for more information. 

Some of the partners are getting a license revoked error, even after upgrading
their server to the latest version and rebooting. What do we do next?

What we've done is revoke the licenses for servers that have checked in using an
unpatched version. You will be able to upgrade to the current/patched versions,
and if the license is eligible for the installed version, it will automatically
be restored by the license server. However, the key would still need to be valid
for the version you're using. If the key is not valid, it will stay as revoked,
and you'd need to upgrade the key. 

https://docs.connectwise.com/ConnectWise_ScreenConnect™_Documentation/On-premises/On-premises_licensing/Upgrade_an_on-premises_license 

Why didn’t I receive an email?  Who at my company did receive an email?

We went to great lengths to contact partners and previous partners regarding
this issue. We’ve heard reports that messages went to junk or spam folders. To
avoid this in the future, please set rules that allow ConnectWise communication
to hit your primary inbox – add no-reply@connectwise.com to your safe sender
list to ensure these important communications are delivered to your inbox. 

In addition, please update your primary contact details by reaching out to your
dedicated account manager. You can also ensure your email preferences are
correctly configured in our online self-service ConnectWise Profile and
Preference Center. Learn more here. 

If you have confirmed that your primary contact information is accurate and you
are still not receiving emails from our system, we kindly request that you share
the primary contact email with us for further investigation. 

Why was my cloud-hosted ScreenConnect showing a version older than 23.9.8 when
the security advisory said we had already been updated?

We apologize for any confusion. For cloud-hosted partners, including RMM/Command
partners, while we communicated that there was no action needed, many believed
they were still vulnerable because their ScreenConnect was showing a version
older than 23.9.8. We took action to remediate the vulnerability for all cloud
partners, but because partners did not have the new version installed, they
thought they were still vulnerable. We rolled out full version upgrades to
resolve this. Again, we apologize for any confusion and inconvenience, or
original message may have caused. 

Why did my cloud-hosted ScreenConnect instance have downtime on February 21?

Some of our cloud-hosted partners (including RMM/Command partners) were
concerned they were possibly compromised due to a brief downtime on February 21.
This was due to an accelerated rollout of the formal patch version (23.9) to put
us back on a proper release schedule. The average downtime for this was around
10 minutes.  

How do I know what version of ScreenConnect I am eligible for?

Check your Status/Overview page and review the Version Check. Review the Latest
Eligible Version row; this will detail the latest version of ScreenConnect that
your license permits you to upgrade to. 



Partners no longer under maintenance are eligible to install version 22.4 at no
additional cost, which will fix CVE-2024-1709, the critical vulnerability.
However, this should be treated as an interim step. ConnectWise recommends
updating to the latest release to get all the current security patches and
therefore all partners should upgrade to 23.9.8 or higher using the upgrade path
outlined above. 

For instructions on how to renew your license, please click here or contact our
sales team at screenconnectsales@connectwise.com. 

What happens once I have patched to a remediated version?

Once you have patched your on-prem instance of ScreenConnect to the latest
version, you should review users with access to ScreenConnect™, remove any that
are not recognized, change passwords, and enable MFA.  

If you are using any extensions, please validate them and remove/add them again.
Once all steps are completed restart the server. 

Do these vulnerabilities directly affect ScreenConnect clients?

ScreenConnect clients are not directly impacted by this issue. This is because
the identified vulnerabilities involve an authentication bypass and path
traversal issues within the server software itself (unpatched ScreenConnect
instances version 23.9.7 and below), rather than any vulnerabilities within the
client software that is installed on end-user devices. 

While updating the clients is always recommended, it is not required to mitigate
or protect against this issue. 

Ready to talk?

Contact Us

Chat Now

800.671.6898
Partner Support
Solutions
 * Asio™ by ConnectWise®
 * Cybersecurity Management
 * Unified Monitoring & Management
 * Business Management
 * Integrated Services
 * Solution Marketplace

For Partners
 * University Login
 * ConnectWise Home
 * Getting Help
 * Documentation
 * Partner Services
 * Partner Communications
 * Partner Referral

Resources
 * Blog
 * Resource Center
 * Events
 * Webinars
 * Podcasts
 * The IT Nation
 * Online Community

Company
 * Mission & Vision
 * History
 * Awards
 * Press Room
 * Careers
 * Distributors
 * Contact Us


Enter your email address to receive updates from ConnectWise.
CountryAfghanistanAlbaniaAlgeriaAland IslandsAmerican
SamoaAnguillaAndorraAngolaAntilles - NetherlandsAntigua and
BarbudaAntarcticaArgentinaArmeniaAustraliaAustriaArubaAzerbaijanBosnia and
HerzegovinaBarbadosBangladeshBelgiumBurkina
FasoBulgariaBahrainBurundiBeninBermudaBrunei
DarussalamBoliviaBrazilBahamasBhutanBouvet
IslandBotswanaBelarusBelizeCambodiaCameroonCanadaCape VerdeCentral African
RepublicChadChileChinaChristmas IslandCocos IslandsColombiaCongoIvory CoastCook
IslandsCosta RicaCroatiaCyprusCzech RepublicDemocratic Republic of the
CongoDjiboutiDenmarkDominicaDominican RepublicEcuadorEgyptEl SalvadorEast
TimorEstoniaEquatorial GuineaEritreaEthiopiaFinlandFijiFalkland IslandsFederated
States of MicronesiaFaroe IslandsFranceFrench GuianaFrench
PolynesiaGabonGambiaGermanyGhanaGibraltarGreat
BritainGrenadaGeorgiaGreeceGreenlandGuineaGuadeloupeS. Georgia and S. Sandwich
IslandsGuatemalaGuamGuinea-BissauGuyanaHong KongHeard Island and McDonald
IslandsHondurasHaitiHungaryIndonesiaIrelandIsraelIndiaBritish Indian Ocean
TerritoryIraqItalyJamaicaJordanJapanKenyaKyrgyzstanKiribatiComorosSaint Kitts
and NevisKorea SouthKuwaitCayman IslandsKazakhstanLaosLebanonSaint
LuciaLiechtensteinSri
LankaLiberiaLesothoLithuaniaLuxembourgLatviaLibyaMacedoniaMacaoMadagascarMalaysiaMaliMalawiMauritaniaMarshall
IslandsMartiniqueMauritiusMayotteMaltaMexicoMoroccoMonacoMoldovaMongoliaMyanmarNorthern
Mariana IslandsMontserratMaldivesMozambiqueNamibiaNew CaledoniaNigerNorfolk
IslandNigeriaNicaraguaNetherlandsNorwayNepalNauruNiueNew
ZealandOmanPanamaPeruPapua New GuineaPhilippinesPakistanPolandSaint Pierre and
MiquelonSerbia and MontenegroPitcairnPuerto RicoPalestinian
TerritoryPortugalPalauParaguayQatarReunionRomaniaRussian FederationRwandaSaudi
ArabiaSamoaSaint HelenaSaint Vincent and the GrenadinesSan MarinoSao Tome and
PrincipeSenegalSeychellesSierra LeoneSingaporeSlovakiaSloveniaSolomon
IslandsSomaliaSouth AfricaSpainSudanSurinameSvalbard and Jan
MayenSwedenSwitzerlandSwazilandTaiwanTanzaniaTajikistanThailandTimor-LesteTogoTokelauTongaTrinidad
and TobagoTunisiaTurkeyTurkmenistanTurks and Caicos
IslandsTuvaluUkraineUgandaUnited Arab EmiratesUnited KingdomUnited StatesUnited
States Minor Outlying IslandsUruguayUzbekistanVanuatuVatican City
StateVenezuelaVirgin IslandsVirgin IslandsViet NamWallis and FutunaWestern
SaharaYemenZambiaZimbabwe
Submit












Get Social with Us

©2024 ConnectWise, LLC. All rights reserved.
Terms Privacy Policy Trust
We use cookies to enhance site navigation, analyze site usage and assist in our
marketing efforts. You can accept, reject or customize your preferences by
clicking the cookie settings button. Our privacy policy provides more
information and explains how to amend your cookie settingsPrivacy Policy
Customize Choices Reject All Cookies Accept All Cookies



PRIVACY PREFERENCE CENTER




 * YOUR PRIVACY


 * STRICTLY NECESSARY COOKIES


 * PERFORMANCE COOKIES


 * TARGETING COOKIES


 * FUNCTIONAL COOKIES

YOUR PRIVACY

When you visit any website, it may store or retrieve information on your
browser, mostly in the form of cookies. This information might be about you,
your preferences or your device and is mostly used to make the site work as you
expect it to. The information does not usually directly identify you, but it can
give you a more personalized web experience. Because we respect your right to
privacy, you can choose not to allow some types of cookies. Click on the
different category headings to find out more and change our default settings.
However, blocking some types of cookies may impact your experience of the site
and the services we are able to offer.
More information

STRICTLY NECESSARY COOKIES

Always Active

These cookies are necessary for the website to function and cannot be switched
off in our systems. They are usually only set in response to actions made by you
which amount to a request for services, such as setting your privacy
preferences, logging in or filling in forms. You can set your browser to block
or alert you about these cookies, but some parts of the site will not then work.
These cookies do not store any personally identifiable information.

View Vendor Details‎

PERFORMANCE COOKIES

Performance Cookies


These cookies allow us to count visits and traffic sources so we can measure and
improve the performance of our site. They help us to know which pages are the
most and least popular and see how visitors move around the site. All
information these cookies collect is aggregated and therefore anonymous. If you
do not allow these cookies we will not know when you have visited our site, and
will not be able to monitor its performance.

View Vendor Details‎

TARGETING COOKIES

Targeting Cookies


These cookies may be set through our site by our advertising partners. They may
be used by those companies to build a profile of your interests and show you
relevant adverts on other sites. They do not store directly personal
information, but are based on uniquely identifying your browser and internet
device. If you do not allow these cookies, you will experience less targeted
advertising.

View Vendor Details‎

FUNCTIONAL COOKIES

Functional Cookies


These cookies enable the website to provide enhanced functionality and
personalisation. They may be set by us or by third party providers whose
services we have added to our pages. If you do not allow these cookies then some
or all of these services may not function properly.

View Vendor Details‎
Back Button


VENDORS LIST

Filter Button
Consent Leg.Interest
checkbox label label
checkbox label label
checkbox label label

Clear
checkbox label label
Apply Cancel
Confirm My Choices
Reject All Allow All