Executable File Vulnerability in ConnectWise Control by ConnectWise
CVE-2023-25718

9.8CRITICAL

Key Information:

Vendor: Connectwise
Status: Control
Vendor: CVE Published:; 13 February 2023

🔔 Create Connectwise Vulnerability Alert

What is CVE-2023-25718?

In recent versions of ConnectWise Control, specifically 22.9.10032, a vulnerability exists wherein after an executable file is signed, additional instructions can be appended to the file without invalidating the signature. This manipulation may result in end users being presented with a malicious executable file controlled by an attacker. Given that users might inadvertently allow the download and execution of this file, it poses a significant risk. While there are configuration options within ConnectWise Control that can mitigate these risks, users should remain vigilant and informed about the underlying behaviors of Authenticode code signing.

References

https://cybir.com/2022/cve/connectwise-control-dns-spoofi...

https://www.connectwise.com/blog/cybersecurity/the-import...

https://m.youtube.com/watch?v=fbNVUgmstSc&pp=0gcJCf0Ao7Vq...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 13, 2023
Vulnerability Reserved
Feb 13, 2023