CVE-2023-25718 Information

Description

The cryptographic code signing process and controls on ConnectWise Control through 22.9.10032 (formerly known as ScreenConnect) are cryptographically flawed. An attacker can remotely generate or locally alter file contents and bypass code-signing controls. This can be used to execute code as a trusted application provider escalate privileges or execute arbitrary commands in the context of the user. The attacker tampers with a trusted signed executable in transit.

Reference

https://www.connectwise.com https://cybir.com/2022/cve/connectwise-control-dns-spoofing-poc/