Screenconnect
Monthly
ScreenConnect versions prior to 26.2 permit an authenticated user holding Host Pass creation privileges to bypass the intended maximum token expiration duration when generating delegated access tokens. The root cause is improper input validation (CWE-1284) on the duration field in the Host Pass workflow, allowing the value to exceed its designed upper bound. While no public exploit or CISA KEV listing exists at time of analysis, successful abuse results in the creation of anomalously long-lived access tokens, extending delegated access well beyond the security policy limit - a persistence and access-control integrity risk.
A cryptographic authentication bypass vulnerability in ConnectWise ScreenConnect allows remote attackers who gain access to server-level cryptographic material to authenticate as any user and obtain elevated privileges. The vulnerability affects all ScreenConnect versions prior to 26.1 and carries a CVSS score of 9.0, indicating critical severity. While not currently listed in CISA's KEV catalog and with no public proof-of-concept available, the vulnerability's authentication bypass nature and potential for complete system compromise make it a high-priority patching target.
ConnectWise ScreenConnect 25.2.3 and earlier may be susceptible to ViewState code injection when machine keys are compromised, enabling remote code execution through ASP.NET deserialization.
ConnectWise ScreenConnect versions 22.6 and below contained a flaw allowing potential brute force attacks on custom access tokens due to inadequate rate-limiting controls in the default. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
ScreenConnect versions prior to 26.2 permit an authenticated user holding Host Pass creation privileges to bypass the intended maximum token expiration duration when generating delegated access tokens. The root cause is improper input validation (CWE-1284) on the duration field in the Host Pass workflow, allowing the value to exceed its designed upper bound. While no public exploit or CISA KEV listing exists at time of analysis, successful abuse results in the creation of anomalously long-lived access tokens, extending delegated access well beyond the security policy limit - a persistence and access-control integrity risk.
A cryptographic authentication bypass vulnerability in ConnectWise ScreenConnect allows remote attackers who gain access to server-level cryptographic material to authenticate as any user and obtain elevated privileges. The vulnerability affects all ScreenConnect versions prior to 26.1 and carries a CVSS score of 9.0, indicating critical severity. While not currently listed in CISA's KEV catalog and with no public proof-of-concept available, the vulnerability's authentication bypass nature and potential for complete system compromise make it a high-priority patching target.
ConnectWise ScreenConnect 25.2.3 and earlier may be susceptible to ViewState code injection when machine keys are compromised, enabling remote code execution through ASP.NET deserialization.
ConnectWise ScreenConnect versions 22.6 and below contained a flaw allowing potential brute force attacks on custom access tokens due to inadequate rate-limiting controls in the default. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.