CERT-In Vulnerability Note
CIVN-2024-0066
Multiple Vulnerabilities in ScreenConnect
Original Issue Date: February 26, 2024
Severity Rating: HIGH
Software Affected
- ScreenConnect versions 23.9.8 or prior
Overview
Multiple vulnerabilities have been identified in ScreenConnect which could allow a remote attacker to access sensitive files, execute arbitrary code and gain full control of the affected systems.
Description
1. Path Traversal vulnerability (CVE-2024-1708)
This vulnerability exists due to improper sanitization of the file extraction path by the application and the addition of new function arguments to handle file paths when extracting content from a ZIP file. An attacker can exploit this vulnerability by sending specially crafted requests that allow accessing or modifying files outside the intended restricted directory. Successful exploitation of this vulnerability could allow a remote attacker to access sensitive files, execute arbitrary code and gain full control of the targeted system.
2. Authentication Bypass vulnerability (CVE-2024-1709)
This vulnerability exists due to improper authentication against all access paths, including the setup wizard, and bypassing of string comparison in the requested path in the setup wizard. A remote attacker with administrative access to a compromised instance can exploit this vulnerability by sending specially crafted requests and uploading a malicious ScreenConnect extension. Successful exploitation of this vulnerability allows a remote attacker to overwrite the internal user database and access sensitive files on the targeted system.
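The path traversal item above (CVE-2024-1708) concerns file paths used when extracting content from a ZIP file. The following is an added example, not ConnectWise or CERT-In code: a generic Python check that resolves each archive entry against the extraction directory and rejects any entry that would land outside it, shown beside the unchecked join it replaces. All function names and the sample archive are constructed for illustration.

```python
import io
import os
import zipfile

def unsafe_target(dest_dir, entry_name):
    # Vulnerable pattern: the archive-supplied name is joined to the
    # destination without checking where the result lands.
    return os.path.normpath(os.path.join(dest_dir, entry_name))

def safe_target(dest_dir, entry_name):
    """Return the resolved path, or raise ValueError if it leaves dest_dir."""
    root = os.path.realpath(dest_dir)
    # Treat backslashes as separators too, so Windows-style names in an
    # archive are checked the same way on every platform.
    name = entry_name.replace("\\", "/")
    candidate = os.path.realpath(os.path.join(root, name))
    if os.path.commonpath([root, candidate]) != root:
        raise ValueError(f"entry escapes extraction root: {entry_name!r}")
    return candidate

def extract_checked(zip_bytes, dest_dir):
    """Extract entries that stay inside dest_dir; return (written, rejected)."""
    written, rejected = [], []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            try:
                target = safe_target(dest_dir, info.filename)
            except ValueError:
                rejected.append(info.filename)  # log and skip, never write
                continue
            if info.is_dir():
                os.makedirs(target, exist_ok=True)
                continue
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with zf.open(info) as src, open(target, "wb") as dst:
                dst.write(src.read())
            written.append(info.filename)
    return written, rejected

def build_sample_zip():
    # Constructed sample archive: one normal entry, one traversal entry.
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("extension/manifest.xml", "<ok/>")
        zf.writestr("../outside.txt", "escaped")
    return buf.getvalue()
```

Rejected entry names are worth logging, since a traversal entry in an uploaded archive is a useful detection signal in its own right.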
Solution
Apply the appropriate updates as mentioned in the Connectwise security advisory:
https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8
Vendor Information
Connectwise
https://www.connectwise.com/company/trust/security-bulletins
References
Connectwise
https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8
Bleeping Computer
https://www.bleepingcomputer.com/news/security/screenconnect-critical-bug-now-under-attack-as-exploit-code-emerges/
UNIT42
https://unit42.paloaltonetworks.com/connectwise-threat-brief-cve-2024-1708-cve-2024-1709/
CVE Name
CVE-2024-1708
CVE-2024-1709
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
Email: info@cert-in.org.in Phone: +91-11-22902657
Postal address
Indian Computer Emergency Response Team (CERT-In) Ministry of Electronics and Information Technology Government of India Electronics Niketan 6, CGO Complex, Lodhi Road, New Delhi - 110 003 India