CVE-2025-3935CISA KEV: Actively Exploited

ConnectWise ScreenConnect Improper Authentication Vulnerability

Published Jun 2, 2025·Updated Jun 2, 2025

Description

ConnectWise ScreenConnect contains an improper authentication vulnerability. This vulnerability could allow a ViewState code injection attack, which could allow remote code execution if machine keys are compromised.

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free