Lucene search

K

MitreCVELIST:CVE-2019-16514

HistoryJan 23, 2020 - 5:21 p.m.

CVE-2019-16514

2020-01-2317:21:38

mitre

www.cve.org

7.4 High

AI Score

Confidence

High

0.081 Low

EPSS

Percentile

94.3%

An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. The server allows remote code execution. Administrative users could upload an unsigned extension ZIP file containing executable code that is subsequently executed by the server.

References

blog.huntresslabs.com/validating-the-bishop-fox-findings-in-connectwise-control-9155eec36a34

know.bishopfox.com/advisories

know.bishopfox.com/advisories/connectwise-control

www.crn.com/news/managed-services/connectwise-control-msp-security-vulnerabilities-are-severe-bishop-fox

www.crn.com/slide-shows/managed-services/connectwise-control-attack-chain-exploit-20-questions-for-security-researcher-bishop-fox

7.4 High

AI Score

Confidence

High

0.081 Low

EPSS

Percentile

94.3%

Related for CVELIST:CVE-2019-16514

prion1 nvd1 cve1