ConnectWise has fixed two critical vulnerabilities in ScreenConnect that could allow remote code execution and impact confidential data or critical systems. Immediate action is recommended to patch the vulnerabilities, although there is no evidence of exploitation in the wild. Partners using self-hosted or on-premise servers should update to version 23.9.8 to apply the patch. Cloud hosted is already patched.
Why do we care?
I don’t usually hit up patches this specifically, but it was a holiday weekend, and my inbox seemed to light up with this one.
