A critical improper authentication vulnerability has been discovered in ConnectWise ScreenConnect, tracked as CVE-2025-3935 and mapped to CWE-287 (Improper Authentication). This flaw affects all ScreenConnect versions up to and including 25.2.3, exposing them to ViewState code injection attacks that could result in remote code execution (RCE) if machine keys are compromised. Technical Details: Vulnerability Summary […] The post CISA Alerts on ConnectWise ScreenConnect Authentication Vulnerability Actively Exploited appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/cisa-alerts-on-connectwise-screenconnect/
