ConnectWise confirms ScreenConnect flaw under active exploitation


Less than 24 hours after releasing emergency patches for critical security flaws in its ScreenConnect remote desktop access product, ConnectWise reports that hackers are already launching exploits to take over enterprise accounts.

“We received updates of compromised accounts, which our incident response team was able to investigate and confirm,” ConnectWise stated in a recent update to its advisory. The acknowledgment of in-the-wild exploitation comes as several security companies release proof-of-concept code, emphasizing the importance for businesses to upgrade on-premises installations to ConnectWise ScreenConnect 23.9.8.

“The ‘exploit’ is trivial and embarrassingly easy,” according to technical documentation released by Huntress, a managed security service provider.

Read More: ConnectWise Confirms ScreenConnect Flaw Under Active Exploitation

For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.