Security BulletinsRiskIncident ResponseMarch 7, 2024

ORDR Security Bulletin ConnectWise Screenconnect CVEs

This security bulletin details two critical vulnerabilities in ConnectWise ScreenConnect (CVE-2024-1709 and CVE-2024-1708) that affect all versions before 23.9.8 and are actively exploited by ransomware groups. Healthcare organizations using ScreenConnect gain essential patch guidance, exploitation indicators, and immediate mitigation steps to protect remote access infrastructure from active threats.

What you'll learn

Identify all ScreenConnect instances in your environment and verify versions below 23.9.8
Understand exploitation techniques used by ransomware groups targeting your industry
Implement urgent patches and detection signatures to block active attack vectors

Access resource

Frequently asked questions

Which ConnectWise ScreenConnect versions are vulnerable to CVE-2024-1709 and CVE-2024-1708?: All ConnectWise ScreenConnect versions before 23.9.8 are vulnerable to these critical CVEs. ORDR's security bulletin provides version verification steps to identify affected instances in your environment and prioritize immediate patching.
Are these ScreenConnect vulnerabilities being actively exploited?: Yes, ransomware groups are actively exploiting CVE-2024-1709 and CVE-2024-1708 in the wild. ORDR's bulletin details specific exploitation techniques targeting healthcare and other industries, helping you understand the real-world attack vectors threatening your remote access infrastructure.
What immediate steps should I take to protect ScreenConnect from these exploits?: ORDR recommends urgent patching to version 23.9.8 or later, implementing provided detection signatures, and identifying all ScreenConnect instances in your environment. The security bulletin includes specific mitigation steps and exploitation indicators to block active attack vectors and reduce ransomware risk.

Related resources

Solution Briefs

ORDR and Qualys Cloud Platform

Solution Briefs

Uncover What’s Hidden: Full IoT, OT, and IoMT Network Visibility with ORDR and Garland Technology

Solution Briefs

ORDR + Carbon Black

Integration Brief

Mobile Device Management

This resource is published by ORDR, the connected asset security company. ORDR delivers AI-powered visibility, risk assessment, and automated protection for IoT, OT, and IoMT devices across healthcare, manufacturing, government, and financial environments. Browse all resources →