Unpatched ScreenConnect servers open to attack (CVE-2026-3564)

ConnectWise has patched a critical vulnerability (CVE-2026-3564) that could enable attackers to hijack ScreenConnect sessions by abusing ASP.NET machine keys to forge trusted authentication. About CVE-2026-3564 The ScreenConnect remote access platform is popular with managed service providers, IT departments, and technology solution providers. They can opt for the cloud-hosted version or can deploy it on their own servers or in their private cloud. CVE-2026-3564 stems from improper verification of cryptographic signature, can be exploited remotely … More → The post Unpatched ScreenConnect servers open to attack (CVE-2026-3564) appeared first on Help Net Security.
http://news.poseidon-us.com/TRbnkK

Unpatched ScreenConnect servers open to attack (CVE-2026-3564)

Like this:

Related

More Posts

Authorities disrupt four IoT botnets behind record DDoS attacks

GSocket Backdoor Delivered Through Bash Script, (Fri, Mar 20th)

AppViewX acquires Eos to extend identity security to AI agents and workloads

Share this: