CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEV

Source: The Hacker News

Added Vulnerabilities

• CVE‑2024‑1708

  • CVSS v3.1 Score: 8.4
  • Description: Path traversal vulnerability in ConnectWise ScreenConnect.
  • Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1708

• CVE‑2024‑XXXXX (placeholder for the Windows flaw; replace with actual CVE ID when available)

  • CVSS v3.1 Score: (insert score)
  • Description: Vulnerability affecting Microsoft Windows.
  • Reference: (insert relevant link)

These flaws have been added to the CISA Known Exploited Vulnerabilities (KEV) catalog due to evidence of active exploitation.