CVE-2024-1708 - ConnectWise ScreenConnect Path Traversal Vulnerability
Project:ConnectWise
Product:ScreenConnect
Date Added:2026-04-28Due Date:2026-05-12
Vulnerability Name
ConnectWise ScreenConnect Path Traversal Vulnerability
Description
ConnectWise ScreenConnect contains a path traversal vulnerability which could allow an attacker to execute remote code or directly impact confidential data and critical systems.
Known To Be Used in Ransomware Campaigns?
Known
Action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Additional Notes
https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8
https://nvd.nist.gov/vuln/detail/CVE-2024-1708
Related News Articles
CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEVApril 29, 2026