Languagesx
English Deutsch
Subscribe
Home Hackers actively targeting severe authentication bypass flaw in ConnectWise software

Hackers actively targeting severe authentication bypass flaw in ConnectWise software

Digital security breach scene with a computer screen showing code and a warning sign, shadowy figures in the background exploit a vulnerability, highlighting the urgency of the cybersecurity threat.
Immediate Threat: Unveiling the Cybersecurity Breach Through ConnectWise ScreenConnect Vulnerability

Security experts have raised alarms over a critical vulnerability in ConnectWise ScreenConnect, a widely used remote access tool, which they describe as “trivial and embarrassingly easy” to exploit. According to TechCrunch, this flaw, with the highest severity rating, poses a significant risk as it allows for an authentication bypass that could enable attackers to remotely access and steal sensitive data or deploy malware on affected systems. As confirmed by the ConnectWise, the software’s developer, malicious hackers are actively exploiting this flaw, posing a significant threat to data security and system integrity.

Despite initial assurances of no public exploitation, the company later confirmed incidents of compromised accounts following an investigation by their incident response team. ConnectWise has also identified and shared IP addresses linked to the attackers.

The vulnerability, impacting a tool essential for IT providers and technicians to offer remote support, was first reported to ConnectWise on February 13, with the company disclosing it in a security advisory on Feb. 19. Although the exact number of affected customers remains undisclosed, ConnectWise spokesperson Amanda Lee mentioned “limited reports” of suspected intrusions, adding that 80% of their cloud-based customer environments were patched automatically within 48 hours.

Huntress, a cybersecurity firm, published an analysis indicating ongoing exploitation of this flaw, with adversaries deploying Cobalt Strike beacons and even installing ScreenConnect clients on compromised servers. Huntress CEO Kyle Hanslovan highlighted the severity of the situation, estimating that thousands of servers controlling numerous endpoints remain vulnerable, potentially leading to a surge in ransomware attacks.

ConnectWise has issued a patch for the vulnerability and is urging users, especially those with on-premise ScreenConnect installations, to apply the update promptly. The company also addressed a separate vulnerability in its remote desktop software but has not observed any exploitation of this flaw.

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

tags
Maxwell Nelson
Tech Journalist

Maxwell Nelson, a seasoned journalist and content strategist, has contributed to industry-leading platforms, weaving complex narratives into insightful articles that resonate with a broad readership.

Related News

Hackers 'steal Ready or Not developer's source code'. A hooded figure in green digital camouflage, symbolizing a hacker, holds a rifle against a backdrop of binary code.
Hackers ‘steal Ready or Not developer’s source code’
Suswati Basu
AI-inspired image of a team of Chinese hackers in a control room with the flag of China on the wall
Chinese hackers increasingly using AI to interfere in elections – report
Graeme Hanna
Man sat in bedroom on his computer at his desk
‘Millions of Americans affected by Chinese hacking plot’
Sophie Atkinson
Microsoft small-scall atomic reactors
Microsoft details update on Russian-sponsored “ongoing attack”
Graeme Hanna
An image of the Epic Games logo
Epic Games hack update – Epic has no evidence that hack is not a hoax
Paul McNally

Most Popular Tech Stories

Latest News

A photograph of Creality's K1C with the Space Pi Filament Dryer
AR/VR

How to make your own Meta Quest 3 3D printed accessories on Creality's K1C 3D Printer
Paul McNally9 hours

We have covered various aspects of 3D printing here at Readwrite over the last few months, looking mainly at how to use different 3D printers for different projects to create...

Popular TopicsArrow right.svg

AI
AI
AR / VR
AR / VR
Cryptocurrency
Cryptocurrency
Gaming
Gaming
Smartphone
Smartphone
Gambling
Gambling
Wearables
Wearables
Web
Web

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.