MDRAddress the growing frequency, type, and severity of cyber threats against SMB endpoints
SIEMCentralize threat visibility and analysis, backed by cutting-edge threat intelligence
Risk Assessment & Vulnerability ManagementIdentify unknown cyber risks and routinely scan for vulnerabilities
Identity ManagementSecure and streamline client access to devices and applications with strong authentication and SSO
Cloud App SecurityMonitor and manage SaaS security risks for the entire Microsoft 365 environment.
SASEZero trust secure access for users, locations, and devices
Enterprise-grade SOCProvide 24/7 threat monitoring and response backed by proprietary threat research and intelligence and certified cyber experts
Policy ManagementCreate, deploy, and manage client security policies and profiles
Incident Response ServiceOn-tap cyber experts to address critical security incidents
Cybersecurity GlossaryGuide to the most common, important terms in the industry
ConnectWise ScreenConnect 23.8 Security Fix
Product(s): ConnectWise ScreenConnect, ConnectWise Automate (cloud instances only where ScreenConnect is installed)
CVE-2023-47256: ConnectWise ScreenConnect through 23.8.4 allows local users to connect to arbitrary relay servers via implicit trust of proxy settings.
CVE-2023-47257: ConnectWise ScreenConnect through 23.8.4 allows man-in-the-middle attackers to achieve remote code execution via crafted messages.
Important—Vulnerabilities that could compromise confidential data or other processing resources but require additional access / privilege to do so.
1—Vulnerabilities that are either being targeted or have higher risk of being targeted by exploits in the wild. Recommend installing updates as emergency changes or as soon as possible (e.g., within days).
ConnectWise ScreenConnect versions 23.8 and earlier are impacted, in addition to ConnectWise Automate cloud instances where ScreenConnect is installed.
Cloud instances are being automatically updated on a rolling schedule; however, administrators can manually force this update through cloud.screenconnect.com. See the following steps to upgrade:
- Update guest clients to the server version Reinstall and upgrade an access agent - ConnectWise
Please upgrade to ScreenConnect version 23.8.5 and update your guest clients to the same version.
Automate partners with ConnectWise ScreenConnect:
For Automate partners with the ScreenConnect plugin, to check if a new build has been released for your ScreenConnect installation visit: Upgrading ConnectWise ScreenConnect via the Plugin.