ConnectWise.ScreenConnect.Extension.ZIP.Path.Traversal
Description
This indicates an attack attempt to exploit a Path Traversal Vulnerability in ConnectWise ScreenConnect.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application when handling a crafted zip file. Successful exploitation could lead to remote code execution.
Outbreak Alert
Threat actors including ransomware gangs are seen exploiting newly discovered critical flaws in remote monitoring and management software called ScreenConnect.
Affected Products
ConnectWise ScreenConnect prior to 23.9.8
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |