claytonvantol.us
SESSION: secure TLS: 1.3 PID: 1337

clayton@site:~/news$ cat cve-2025-3935-connectwise-screenconnect.log

CVE-2025-3935 — ConnectWise ScreenConnect Improper Authentication Vulnerability

2025-06-02 • CISA Known Exploited Vulnerability

[event] ConnectWise ScreenConnect contains an improper authentication vulnerability. This vulnerability could allow a ViewState code injection attack, which could allow remote code execution if machine keys are compromised.

> AFFECTED SOFTWARE

Field Value
Vendor ConnectWise
Product ScreenConnect
CWE CWE-287
CVE ID CVE-2025-3935
Date Added 2025-06-02
Due Date 2025-06-23
Ransomware Campaign Unknown

> MITIGATION

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Due Date: 2025-06-23

> REFERENCES

← back to terminal

UPTIME: 1337d v2.0.1 privacy LAST LOGIN: 2026-05-30 20:36:08 UTC