CVE-2025-14265 — CVSS 9.1 (critical): In versions of ScreenConnect™ prior to 25.8, server-side validation and integrity checks within the extension subsystem could allow the…
CVE-2023-47257 — CVSS 8.1 (high): ConnectWise ScreenConnect through 23.8.4 allows man-in-the-middle attackers to achieve remote code execution via crafted messages.
CVE-2023-47256 — CVSS 5.5 (medium): ConnectWise ScreenConnect through 23.8.4 allows local users to connect to arbitrary relay servers via implicit trust of proxy settings
CVE-2025-14823 — CVSS 5.3 (medium): In deployments using the ScreenConnect™ Certificate Signing Extension, encrypted configuration values including an Azure Key…
CVE-2022-36781 — CVSS 5.3 (medium): ConnectWise ScreenConnect versions 22.6 and below contained a flaw allowing potential brute force attacks on custom access tokens due to…