Every CVE whose affected-product data names Connectwise Control, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2023-25718 — CVSS 9.8 (critical): In ConnectWise Control through 22.9.10032 (formerly known as ScreenConnect), after an executable file is signed, additional instructions…
CVE-2019-16517 — CVSS 9.8 (critical): An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. There is a CORS misconfiguration, which…
CVE-2019-16513 — CVSS 8.8 (high): An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. CSRF can be used to send API requests.
CVE-2023-25719 — CVSS 8.8 (high): ConnectWise Control before 22.9.10032 (formerly known as ScreenConnect) fails to validate user-supplied parameters such as the…
CVE-2019-16514 — CVSS 7.2 (high): An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. The server allows remote code execution…
CVE-2019-16515 — CVSS 6.5 (medium): An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. Certain HTTP security headers are not…
CVE-2019-16516 — CVSS 5.3 (medium): An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. There is a user enumeration…
CVE-2019-16512 — CVSS 4.8 (medium): An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. There is stored XSS in the Appearance…