CVE-2024-1708

Improper limitation of a pathname to a restricted directory (“path traversal”)

CVSS 8.4 HIGH | EPSS 87.6% | KEV | CWE-22
Vexday Risk Score
88 | Fix now
SSVC decision (CISA)
Act
Exploitation + impact → act immediately
CVSS 8.4 EPSS 87.6% KEV yes PoC Nuclei Metasploit yes Patch
Lifecycle
19 Feb 2024: Metasploit module available
21 Feb 2024: Published on NVD
28 Apr 2026: Active exploitation (CISA KEV)
Recommendation: Patch as soon as possible — active exploitation confirmed.
In short

ConnectWise ScreenConnect versions 23.9.7 and earlier contain a path-traversal flaw that lets attackers access files outside intended directories, potentially leading to remote code execution or exposure of sensitive data.

Technical detail

A path-traversal vulnerability in ConnectWise ScreenConnect ≤23.9.7 allows an unauthenticated or low-privileged attacker to escape directory restrictions and read or write arbitrary files on the system. Exploitation could lead to remote code execution or unauthorized access to confidential data and critical system resources.

Summary generated and translated by AI from the official description.
ConnectWise ScreenConnect 23.9.7 and prior are affected by a path-traversal vulnerability, which may allow an attacker the ability to execute remote code or directly impact confidential data or critical systems.
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
