The Hacker News

CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEV

[email protected] (The Hacker News) · 2026-04-29 · Read original ↗

ATT&CK techniques detected

1 predictions

T1190Exploit Public-Facing Application

75%

"cisa adds actively exploited connectwise and windows flaws to kev the u. s. cybersecurity and infrastructure security agency ( cisa ) on tuesday added two security flaws impacting connectwise screenconnect and microsoft windows to its known exploited vulnerabilities ( kev ) catal…"

Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.

No matches for .

Loading techniques…

Summary

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting ConnectWise ScreenConnect and Microsoft Windows to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerabilities are listed below - CVE-2024-1708 (CVSS score: 8.4) - A path traversal vulnerability in  ConnectWise ScreenConnect