CVE-2025-3935

⚠ KEVEPSS 6.1%

ConnectWise ScreenConnect Improper Authentication Vulnerability

Added to CISA KEV: 6/2/2025

Description

ConnectWise ScreenConnect contains an improper authentication vulnerability. This vulnerability could allow a ViewState code injection attack, which could allow remote code execution if machine keys are compromised.

Affected packages (0)

No package mapping in OSV.