CVE-2024-1708: ConnectWise ScreenConnect Path Traversal Vulnerability.

ConnectWise ScreenConnect Path Traversal Vulnerability. ConnectWise ScreenConnect contains a path traversal vulnerability which could allow an attacker to execute remote code or directly impact confidential data and critical systems.

• CISA KEV-listed (remediation due 2026-05-12)
• used in ransomware campaigns
• EPSS 84.8% (99.4% percentile)

Detection rules

• CVE-2024-1708 - ScreenConnect Path Traversal Exploitation medium
• CVE-2024-1708 - ScreenConnect Path Traversal Exploitation - Security critical
• ScreenConnect - SlashAndGrab Exploitation Indicators high
• Remote Access Tool - ScreenConnect Remote Command Execution - Hunting medium
• Potentially Suspicious File Download From File Sharing Domain Via PowerShell.EXE high
• Suspicious PowerShell IEX Execution Patterns high
• Remote Access Tool - ScreenConnect Potential Suspicious Remote Command Execution medium
• Remote Access Tool - Simple Help Execution medium
• User Added To Highly Privileged Group high
• Weak or Abused Passwords In CLI medium

Browse the CVE database

Read the full analysis on IntelFusions