๐ฅ This vulnerability is being actively exploited in the wild (CISA Known Exploited Vulnerabilities catalog)
CVE-2024-1708: ConnectWise ScreenConnect Path Traversal Vulnerability
Summary
ConnectWise ScreenConnect has a path traversal vulnerability (a flaw that lets attackers access files outside their intended directory) that could allow attackers to run remote code or steal sensitive data from critical systems. This vulnerability is actively being exploited by real attackers in the wild.
Solution / Mitigation
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Vulnerability Details
EPSS: 53.7%
Yes
๐ฅ Actively Exploited
April 27, 2026
Classification
Original source: https://nvd.nist.gov/vuln/detail/CVE-2024-1708
First tracked: April 28, 2026 at 02:00 PM
Classified by LLM (prompt v3) ยท confidence: 95%