ScreenConnect Authentication Bypass Exploitation Detected (CVE-2024-1709)
Feb, 22, 2024, 01:39 AM
Event ID: 229
Event Time: Feb, 22, 2024, 01:39 AM
Rule Name: SOC262 - ScreenConnect Authentication Bypass Exploitation Detected (CVE-2024-1709)
Alert Type: Web Attack
Real World Example:⭐ Several attackers began targeting vulnerable public-facing ConnectWise ScreenConnect servers to exploit them and deliver ransomware by exploiting CVE-2024-1709 in February 2024.
Severity: Critical
Incident Responder