On February 19, 2023, ConnectWise published a security advisory for their ScreenConnect remote management tool. In the advisory, they describe two vulnerabilities, an authentication bypass with CVSS 10.0 and a path traversal with CVSS 8.4 (both currently without assigned CVE IDs).
The first vulnerability (auth bypass) was disclosed with a critical base CVSS scoring of 10, as it enables access to the path traversal vuln, which in turn enables unauthorized file access.
James Horseman, Horizon3.ai Exploit Developer, has just published ConnectWise ScreenConnect: Authentication Bypass Deep Dive which dives into the technical details of the authentication bypass, provides indicators of compromise, and includes a link to a Horizon3.i proof of concept auth bypass vulnerability on GitHub here.
Like this:
Like Loading...
Related
This entry was posted on February 21, 2024 at 1:01 pm and is filed under Commentary with tags horizon3.ai. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
ConnectWise ScreenConnect Authentication Bypass POC, IOCs Released
On February 19, 2023, ConnectWise published a security advisory for their ScreenConnect remote management tool. In the advisory, they describe two vulnerabilities, an authentication bypass with CVSS 10.0 and a path traversal with CVSS 8.4 (both currently without assigned CVE IDs).
The first vulnerability (auth bypass) was disclosed with a critical base CVSS scoring of 10, as it enables access to the path traversal vuln, which in turn enables unauthorized file access.
James Horseman, Horizon3.ai Exploit Developer, has just published ConnectWise ScreenConnect: Authentication Bypass Deep Dive which dives into the technical details of the authentication bypass, provides indicators of compromise, and includes a link to a Horizon3.i proof of concept auth bypass vulnerability on GitHub here.
Share this:
Like this:
Related
This entry was posted on February 21, 2024 at 1:01 pm and is filed under Commentary with tags horizon3.ai. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.