On February 19, 2024, ConnectWise ScreenConnect published a security advisory for version 23.9.8, referencing two vulnerabilities and software weaknesses.
It serves as yet another example of just how important having managed IT Support Services are for your business. Although it is a fault from a third-party service, impacts on your business are still just as frustrating no matter the source.
Let’s take a look into what occurred during this program fault, and how the team at Adept IT Solutions are well-equipped to provide proactive IT services that are secure and let you focus on your business’s goals.
What is ConnectWise ScreenConnect?
ConnectWise ScreenConnect is a self-hosted, remote desktop software application. The product is available as a cloud hosted “Software as a Service” (SaaS), or as a self-hosted server application.
The primary function of ScreenConnect allows you to repair computer complications, provide updates, and manage systems or servers remotely. Users also have the ability to conduct online seminars and presentations using remote meeting features.
Whilst we at Adept IT Solutions do not currently implement ConnectWise ScreenConnect throughout our own services, we are also aware of the fact that many of our client’s vendors do in fact utilise this product.
As part of our ongoing, proactive support, we are reaching out to known clients with connections to the product, to provide more information and guidance. If you would like to get in touch with the team at Adept IT Solutions, for any additional insight, feel free to contact us on 1300 4 23378 (ADEPT) or email us at info@adept-it.com.au.
What happened to ConnectWise ScreenConnect?
At the time of release, the ConnectWise advisory was lacking in technical details. There was limited information made publicly available as to what these vulnerabilities actually consisted of, how they might be taken advantage of, or any other threat information or indication of compromises to look for.
This was partly due to the fact that if and when additional information was made public, it would increase the ability and likelihood of malicious individuals to take advantage of the fault in the ConnectWise ScreenConnect system.
However, this lack of information was also a concern for users of the ConnectWise ScreenConnect system, as they were left in the dark with minimal answers provided.
The vulnerability was revealed with a “common vulnerability scoring system” (CVCS) of 10, the highest possible severity. ConnectWise then made a patch available and stated that all on-premises versions of ScreenConnect 23.9.7 and below must be updated straight away, whilst cloud instances were automatically patched.
Ultimately, this vulnerability was found to have an authentication bypass that was incorrectly allowing unauthenticated attackers to gain access to connected computer systems on both self-hosted and on-premises.
Bypassing the login gave attackers access to system-level access. System-level access refers to full administrative access to a network, which is clearly an alarming level of control to give to those intending on causing harm.
What are the Next Steps for ConnectWise ScreenConnect?
If you are using this service on a cloud-based system, it is claimed that you are deemed as being safe, and it is not necessary to take any further action.
However, if that is not the case, you must upgrade to the 23.9.8 version immediately. Failing to do so will simply allow those partaking in malicious attacks easier entry into your systems.
Our Managed IT Services are particularly beneficial in cases such as this vulnerability suffered by ConnectWise ScreenConnect.
If you would like to discuss our list of services, or simply would like more information on protecting your business from vulnerabilities, please feel free to contact us on 1300 4 23378 (ADEPT) or 04888 23378 (ADEPT) or email us at info@adept-it.com.au