All CVEs
Vulnerability intelligence

CVE-2024-1708

ConnectWise ScreenConnect Path Traversal Vulnerability

ConnectWise ScreenConnect CWE-22

ConnectWise ScreenConnect 23.9.7 and prior are affected by path-traversal vulnerability, which may allow an attacker the ability to execute remote code or directly impact confidential data or critical systems.

CVSS Score
8.4
High
EPSS — Exploit Probability
88%
Riskier than 100% of all CVEs
Exploitation
Confirmed in the wild
Used in ransomware campaigns
Remediation
Patch available
Federal deadline 2026-05-12
CISA required action

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. Deadline for federal agencies: 2026-05-12.

NVD entry Vendor patch PoC / advisory CISA KEV

4 articles across 4 outlets · first covered Apr 28, 2026 · latest Apr 29, 2026

Tracked incidents

Associated threat actors

Coverage timeline

Related CVEs — ConnectWise