-
MDRAddress the growing frequency, type, and severity of cyber threats against SMB endpoints
-
SIEMCentralize threat visibility and analysis, backed by cutting-edge threat intelligence
-
Risk Assessment & Vulnerability ManagementIdentify unknown cyber risks and routinely scan for vulnerabilities
-
Identity ManagementSecure and streamline client access to devices and applications with strong authentication and SSO
-
Cloud App SecurityMonitor and manage SaaS security risks for the entire Microsoft 365 environment.
-
SASEZero trust secure access for users, locations, and devices
-
Enterprise-grade SOCProvide 24/7 threat monitoring and response backed by proprietary threat research and intelligence and certified cyber experts
-
Policy ManagementCreate, deploy, and manage client security policies and profiles
-
Incident Response ServiceOn-tap cyber experts to address critical security incidents
-
Cybersecurity GlossaryGuide to the most common, important terms in the industry
ConnectWise ScreenConnect 23.8 Security Fix
11/20/2023
Date: 11/20/2023
Product(s): ConnectWise ScreenConnect, ConnectWise Automate (cloud instances only where ScreenConnect is installed)
Severity: Important
Priority: 1—High
Vulnerability
CVE-2023-47256: ConnectWise ScreenConnect through 23.8.4 allows local users to connect to arbitrary relay servers via implicit trust of proxy settings.
CVE-2023-47257: ConnectWise ScreenConnect through 23.8.4 allows man-in-the-middle attackers to achieve remote code execution via crafted messages.
Severity
Important—Vulnerabilities that could compromise confidential data or other processing resources but require additional access / privilege to do so.
Priority
1—Vulnerabilities that are either being targeted or have higher risk of being targeted by exploits in the wild. Recommend installing updates as emergency changes or as soon as possible (e.g., within days).
Affected versions
ConnectWise ScreenConnect versions 23.8 and earlier are impacted, in addition to ConnectWise Automate cloud instances where ScreenConnect is installed.
Remediation
CLOUD:
Cloud instances are being automatically updated on a rolling schedule; however, administrators can manually force this update through cloud.screenconnect.com. See the following steps to upgrade:
- https://docs.connectwise.com/ConnectWise_ScreenConnect_Documentation/Get_started/Cloud_portal/Instances_page/Upgrade_a_cloud_instance
- Update guest clients to the server version Reinstall and upgrade an access agent - ConnectWise
ON-PREMISE:
Please upgrade to ScreenConnect version 23.8.5 and update your guest clients to the same version.
Automate partners with ConnectWise ScreenConnect:
For Automate partners with the ScreenConnect plugin, to check if a new build has been released for your ScreenConnect installation visit: Upgrading ConnectWise ScreenConnect via the Plugin.