Remote code execution

2020-01-2318:15:00

PRIOn knowledge base

www.prio-n.com

7.3 High

AI Score

Confidence

High

0.081 Low

EPSS

Percentile

94.3%

JSON

An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. The server allows remote code execution. Administrative users could upload an unsigned extension ZIP file containing executable code that is subsequently executed by the server.

CPENameOperatorVersion
controleq19.3.25270.7185

CPE	Name	Operator	Version
	control	eq	19.3.25270.7185

References

blog.huntresslabs.com/validating-the-bishop-fox-findings-in-connectwise-control-9155eec36a34

know.bishopfox.com/advisories

know.bishopfox.com/advisories/connectwise-control

www.crn.com/news/managed-services/connectwise-control-msp-security-vulnerabilities-are-severe-bishop-fox

www.crn.com/slide-shows/managed-services/connectwise-control-attack-chain-exploit-20-questions-for-security-researcher-bishop-fox