{"cve":{"cve_id":"CVE-2024-1709","is_kev":true,"kev_date_added":"2024-02-22","kev_vendor_project":"ConnectWise","kev_product":"ScreenConnect","kev_vulnerability_name":"ConnectWise ScreenConnect Authentication Bypass Vulnerability","kev_short_description":"ConnectWise ScreenConnect contains an authentication bypass vulnerability that allows an attacker with network access to the management interface to create a new, administrator-level account on affected devices.","kev_required_action":"Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.","kev_due_date":"2024-02-29","kev_known_ransomware":true,"kev_notes":"https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8; https://nvd.nist.gov/vuln/detail/CVE-2024-1709","kev_cwes":["CWE-288"],"epss_score":0.99959,"epss_percentile":0.99974,"epss_as_of":"2026-06-23","description":"ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an Alternate Path or Channel vulnerability, which may allow an attacker direct access to confidential information or critical systems.","published_at":"2024-02-21T15:36:03.960000Z","last_modified_at":null,"cvss_v3_score":10.0,"cvss_v3_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H","cvss_v3_severity":"CRITICAL","cvss_v4_score":null,"cvss_v4_vector":null,"cvss_v4_severity":null,"ssvc_decision":null,"ssvc_exploitation":"active","ssvc_automatable":true,"ssvc_technical_impact":"total","cwes":["CWE-288"],"nvd_references":["https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8","https://www.huntress.com/blog/vulnerability-reproduced-immediately-patch-screenconnect-23-9-8","https://www.huntress.com/blog/detection-guidance-for-connectwise-cwe-288-2","https://www.bleepingcomputer.com/news/security/connectwise-urges-screenconnect-admins-to-patch-critical-rce-flaw/","https://github.com/watchtowrlabs/connectwise-screenconnect_auth-bypass-add-user-poc","https://github.com/rapid7/metasploit-framework/pull/18870","https://www.horizon3.ai/attack-research/red-team/connectwise-screenconnect-auth-bypass-deep-dive/","https://techcrunch.com/2024/02/21/researchers-warn-high-risk-connectwise-flaw-under-attack-is-embarrassingly-easy-to-exploit/","https://www.securityweek.com/connectwise-confirms-screenconnect-flaw-under-active-exploitation/","https://www.huntress.com/blog/a-catastrophe-for-control-understanding-the-screenconnect-authentication-bypass"],"vuln_status":null,"trending_score":0.6099262002432104,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:31.350578Z","updated_at":"2026-06-29T02:30:27.550645Z"},"effective_severity":"CRITICAL","badges":["kev","ransomware","poc","epss"],"impact_analysis":[],"cvss_v3_decoded":{"version":"3.1","metrics":[{"metric":"AV","name":"Attack 
Vector","value":"N","value_label":"Network"},{"metric":"AC","name":"Attack Complexity","value":"L","value_label":"Low"},{"metric":"PR","name":"Privileges Required","value":"N","value_label":"None"},{"metric":"UI","name":"User Interaction","value":"N","value_label":"None"},{"metric":"S","name":"Scope","value":"C","value_label":"Changed"},{"metric":"C","name":"Confidentiality","value":"H","value_label":"High"},{"metric":"I","name":"Integrity","value":"H","value_label":"High"},{"metric":"A","name":"Availability","value":"H","value_label":"High"}]},"cvss_v4_decoded":{"version":null,"metrics":[]},"affected":[{"vendor_slug":"connectwise","vendor_name":"ConnectWise","product_slug":"screenconnect","product_name":"ScreenConnect","version_start":"0","version_start_inclusive":true,"version_end":"23.9.7","version_end_inclusive":true,"cpe23_uri":"cve5:connectwise:screenconnect:0:23.9.7"}],"exploit_refs":[{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-1709.yaml","title":"ConnectWise ScreenConnect 23.9.7 - Authentication 
Bypass","author":"johnk3r","disclosed_at":null}],"news":[],"references":[{"url":"https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8","source_type":"MISC","tags":[]},{"url":"https://www.huntress.com/blog/vulnerability-reproduced-immediately-patch-screenconnect-23-9-8","source_type":"MISC","tags":["patch"]},{"url":"https://www.huntress.com/blog/detection-guidance-for-connectwise-cwe-288-2","source_type":"MISC","tags":[]},{"url":"https://www.bleepingcomputer.com/news/security/connectwise-urges-screenconnect-admins-to-patch-critical-rce-flaw/","source_type":"MISC","tags":["patch"]},{"url":"https://github.com/watchtowrlabs/connectwise-screenconnect_auth-bypass-add-user-poc","source_type":"MISC","tags":[]},{"url":"https://github.com/rapid7/metasploit-framework/pull/18870","source_type":"EXPLOIT","tags":["exploit"]},{"url":"https://www.horizon3.ai/attack-research/red-team/connectwise-screenconnect-auth-bypass-deep-dive/","source_type":"MISC","tags":[]},{"url":"https://techcrunch.com/2024/02/21/researchers-warn-high-risk-connectwise-flaw-under-attack-is-embarrassingly-easy-to-exploit/","source_type":"MISC","tags":[]},{"url":"https://www.securityweek.com/connectwise-confirms-screenconnect-flaw-under-active-exploitation/","source_type":"MISC","tags":[]},{"url":"https://www.huntress.com/blog/a-catastrophe-for-control-understanding-the-screenconnect-authentication-bypass","source_type":"MISC","tags":[]}],"timeline":[{"type":"published","at":"2024-02-21T15:36:03.960000Z","label":"CVE published","source":null},{"type":"cisa_reported","at":"2024-02-22T00:00:00Z","label":"Added to CISA KEV catalog","source":"kev"},{"type":"poc_available","at":"2026-06-24T00:29:48.638073Z","label":"Public PoC available","source":"nuclei"},{"type":"cvss_changed","at":"2026-06-28T17:32:56.911083Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:32:56.911083Z","label":"CVSS score 
revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:32:56.911083Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"ssvc_changed","at":"2026-06-29T01:51:51.659402Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-29T01:51:51.659402Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-29T01:51:51.659402Z","label":"SSVC decision revised","source":"vulnrichment"}]}