COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2024-1708

CVE-2024-1708

Severity
critical · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2026-04-28
Reference
https://nvd.nist.gov/vuln/detail/CVE-2024-1708
⚡ RCE ⌖ exploited in the wild shame 85/100 ransomwareexploited-in-wildrcesupply-chain

ConnectWise ScreenConnect exploited via CVE-2024-1708 enables remote code execution and ransomware-linked attacks.

This path traversal vulnerability allows attackers to execute arbitrary code on the ScreenConnect platform, directly impacting DIB organizations relying on remote management tools. The active exploitation and ransomware linkage indicate a high-risk exposure that could compromise sensitive data and critical systems if unpatched.

Shame score — Active exploitation of a critical RCE vulnerability linked to ransomware demonstrates a severe security failure that could lead to significant data breaches and compliance violations.

Players implicated

ConnectWise · vendorScreenConnect · product

Description

ConnectWise ScreenConnect contains a path traversal vulnerability which could allow an attacker to execute remote code or directly impact confidential data and critical systems.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.