cve/2024/CVE-2024-1709.md

### [CVE-2024-1709](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1709)
![](https://img.shields.io/static/v1?label=Product&message=ScreenConnect&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-288%20Authentication%20bypass%20using%20an%20alternate%20path%20or%20channel&color=brighgreen)

### Description

ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an Alternate Path or Channel vulnerability, which may allow an attacker direct access to confidential information or critical systems.

### POC

#### Reference
- https://github.com/rapid7/metasploit-framework/pull/18870
- https://github.com/rapid7/metasploit-framework/pull/18870
- https://github.com/watchtowrlabs/connectwise-screenconnect_auth-bypass-add-user-poc
- https://github.com/watchtowrlabs/connectwise-screenconnect_auth-bypass-add-user-poc
- https://techcrunch.com/2024/02/21/researchers-warn-high-risk-connectwise-flaw-under-attack-is-embarrassingly-easy-to-exploit/
- https://techcrunch.com/2024/02/21/researchers-warn-high-risk-connectwise-flaw-under-attack-is-embarrassingly-easy-to-exploit/
- https://www.bleepingcomputer.com/news/security/connectwise-urges-screenconnect-admins-to-patch-critical-rce-flaw/
- https://www.bleepingcomputer.com/news/security/connectwise-urges-screenconnect-admins-to-patch-critical-rce-flaw/
- https://www.horizon3.ai/attack-research/red-team/connectwise-screenconnect-auth-bypass-deep-dive/
- https://www.horizon3.ai/attack-research/red-team/connectwise-screenconnect-auth-bypass-deep-dive/
- https://www.huntress.com/blog/a-catastrophe-for-control-understanding-the-screenconnect-authentication-bypass
- https://www.huntress.com/blog/a-catastrophe-for-control-understanding-the-screenconnect-authentication-bypass
- https://www.huntress.com/blog/detection-guidance-for-connectwise-cwe-288-2
- https://www.huntress.com/blog/detection-guidance-for-connectwise-cwe-288-2
- https://www.huntress.com/blog/vulnerability-reproduced-immediately-patch-screenconnect-23-9-8
- https://www.huntress.com/blog/vulnerability-reproduced-immediately-patch-screenconnect-23-9-8
- https://www.securityweek.com/connectwise-confirms-screenconnect-flaw-under-active-exploitation/

#### Github
- https://github.com/GhostTroops/TOP
- https://github.com/HussainFathy/CVE-2024-1709
- https://github.com/Juan921030/sploitscan
- https://github.com/Ostorlab/KEV
- https://github.com/W01fh4cker/ScreenConnect-AuthBypass-RCE
- https://github.com/cjybao/CVE-2024-1709-and-CVE-2024-1708
- https://github.com/codeb0ss/CVE-2024-1709-PoC
- https://github.com/fkie-cad/nvd-json-data-feeds
- https://github.com/myseq/vcheck-cli
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/securitycipher/daily-bugbounty-writeups
- https://github.com/sxyrxyy/CVE-2024-1709-ConnectWise-ScreenConnect-Authentication-Bypass
- https://github.com/tr1pl3ight/CVE-2024-21762-POC
- https://github.com/tr1pl3ight/CVE-2024-23113-POC
- https://github.com/tr1pl3ight/POCv2.0-for-CVE-2024-1709
- https://github.com/watchtowrlabs/connectwise-screenconnect_auth-bypass-add-user-poc
- https://github.com/xaitax/SploitScan
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`### [CVE-2024-1709](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1709)`
			`![](https://img.shields.io/static/v1?label=Product&message=ScreenConnect&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-288%20Authentication%20bypass%20using%20an%20alternate%20path%20or%20channel&color=brighgreen)`

			`### Description`

			`ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an Alternate Path or Channel vulnerability, which may allow an attacker direct access to confidential information or critical systems.`

			`### POC`

			`#### Reference`
			`- https://github.com/rapid7/metasploit-framework/pull/18870`
Update CVE sources 2024-06-09 00:33 2024-06-09 00:33:16 +00:00			`- https://github.com/rapid7/metasploit-framework/pull/18870`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://github.com/watchtowrlabs/connectwise-screenconnect_auth-bypass-add-user-poc`
Update CVE sources 2024-06-09 00:33 2024-06-09 00:33:16 +00:00			`- https://github.com/watchtowrlabs/connectwise-screenconnect_auth-bypass-add-user-poc`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://techcrunch.com/2024/02/21/researchers-warn-high-risk-connectwise-flaw-under-attack-is-embarrassingly-easy-to-exploit/`
Update CVE sources 2024-06-09 00:33 2024-06-09 00:33:16 +00:00			`- https://techcrunch.com/2024/02/21/researchers-warn-high-risk-connectwise-flaw-under-attack-is-embarrassingly-easy-to-exploit/`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://www.bleepingcomputer.com/news/security/connectwise-urges-screenconnect-admins-to-patch-critical-rce-flaw/`
Update CVE sources 2024-06-09 00:33 2024-06-09 00:33:16 +00:00			`- https://www.bleepingcomputer.com/news/security/connectwise-urges-screenconnect-admins-to-patch-critical-rce-flaw/`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://www.horizon3.ai/attack-research/red-team/connectwise-screenconnect-auth-bypass-deep-dive/`
Update CVE sources 2024-06-09 00:33 2024-06-09 00:33:16 +00:00			`- https://www.horizon3.ai/attack-research/red-team/connectwise-screenconnect-auth-bypass-deep-dive/`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://www.huntress.com/blog/a-catastrophe-for-control-understanding-the-screenconnect-authentication-bypass`
Update CVE sources 2024-06-09 00:33 2024-06-09 00:33:16 +00:00			`- https://www.huntress.com/blog/a-catastrophe-for-control-understanding-the-screenconnect-authentication-bypass`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://www.huntress.com/blog/detection-guidance-for-connectwise-cwe-288-2`
Update CVE sources 2024-06-09 00:33 2024-06-09 00:33:16 +00:00			`- https://www.huntress.com/blog/detection-guidance-for-connectwise-cwe-288-2`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://www.huntress.com/blog/vulnerability-reproduced-immediately-patch-screenconnect-23-9-8`
Update CVE sources 2024-06-09 00:33 2024-06-09 00:33:16 +00:00			`- https://www.huntress.com/blog/vulnerability-reproduced-immediately-patch-screenconnect-23-9-8`
Update Sat May 25 23:14:52 UTC 2024 2024-05-25 23:14:53 +00:00			`- https://www.securityweek.com/connectwise-confirms-screenconnect-flaw-under-active-exploitation/`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00
			`#### Github`
			`- https://github.com/GhostTroops/TOP`
			`- https://github.com/HussainFathy/CVE-2024-1709`
			`- https://github.com/Juan921030/sploitscan`
			`- https://github.com/Ostorlab/KEV`
			`- https://github.com/W01fh4cker/ScreenConnect-AuthBypass-RCE`
			`- https://github.com/cjybao/CVE-2024-1709-and-CVE-2024-1708`
Update Sun May 26 16:36:09 UTC 2024 2024-05-26 16:36:09 +00:00			`- https://github.com/codeb0ss/CVE-2024-1709-PoC`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://github.com/fkie-cad/nvd-json-data-feeds`
			`- https://github.com/myseq/vcheck-cli`
			`- https://github.com/nomi-sec/PoC-in-GitHub`
			`- https://github.com/securitycipher/daily-bugbounty-writeups`
			`- https://github.com/sxyrxyy/CVE-2024-1709-ConnectWise-ScreenConnect-Authentication-Bypass`
			`- https://github.com/tr1pl3ight/CVE-2024-21762-POC`
			`- https://github.com/tr1pl3ight/CVE-2024-23113-POC`
			`- https://github.com/tr1pl3ight/POCv2.0-for-CVE-2024-1709`
			`- https://github.com/watchtowrlabs/connectwise-screenconnect_auth-bypass-add-user-poc`
			`- https://github.com/xaitax/SploitScan`