CVE-2024-1708 — Actively Exploited: ScreenConnect (ConnectWise)
ConnectWise ScreenConnect contains a path traversal vulnerability which could allow an attacker to execute remote code or directly impact confidential data and critical systems.
| CVE ID | CVE-2024-1708 |
|---|---|
| Vendor | ConnectWise |
| Product | ScreenConnect |
| Vulnerability name | ConnectWise ScreenConnect Path Traversal Vulnerability |
| Date added | 2026-04-28 |
| Remediation due | 2026-05-12 |
| Known ransomware use | Known |
| Required action | Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. |
| Description | ConnectWise ScreenConnect contains a path traversal vulnerability which could allow an attacker to execute remote code or directly impact confidential data and critical systems. |
| Source | CISA Known Exploited Vulnerabilities |
🔍 Search all exploited vulnerabilities →
$1499/mo
Try ExploitWatch →