The vulnerability, tracked as CVE-2025-14265, carries a CVSS score of 9.1, indicating severe potential impact despite requiring administrative-level access to exploit.
The vulnerability stems from insufficient code-integrity validation during extension installation, classified as CWE-494: Download of Code Without Integrity Check.
This flaw allows attackers with authorized or administrative privileges to bypass security controls and compromise the ScreenConnect server component.
ConnectWise has assigned this vulnerability a Priority 2 (Moderate) rating and recommends patching within 30 days as part of routine change management.
Notably, ConnectWise reports no evidence of active exploitation in the wild. The vulnerability affects only the ScreenConnect server component; host and guest clients remain unaffected.
This distinction is critical for organizations planning their patching strategy and risk mitigation efforts.
ConnectWise has adopted a two-pronged remediation approach tailored to deployment models.
Organizations operating ScreenConnect through ConnectWise’s cloud infrastructure, including standalone deployments, Automate/RMM integrated instances, and hostedrmm.com for Automate partners, require no action.
These instances have already been updated automatically with the fix.
For on-premises deployments, remediation requires immediate attention. Partners must upgrade to ScreenConnect version 25.8 and ensure guest clients are synchronized to the same version.
Organizations can download the update through the official ScreenConnect download portal, though valid on-premises licenses are required.
Those with expired maintenance agreements must renew or upgrade their licensing before installing the latest release.
Automate partners using the on-premises ScreenConnect integration have an additional prerequisite.
The Automate ScreenConnect Extension must be updated to version 4.4.0.16 before upgrading the ScreenConnect server to 25.8.
Partners can facilitate this update either by allowing automatic updates or manually applying patches through the Extensions tab, ensuring compatibility and system stability.
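The upgrade order described above can be checked against an inventory before a change window. The following is an added example, not ConnectWise code: the inventory layout, field names and sample version values are constructed, and it assumes that any release at or above 25.8 (server) or 4.4.0.16 (extension) meets the requirement.

```python
FIXED_SERVER = "25.8"               # fixed server release named in the advisory
REQUIRED_AUTOMATE_EXT = "4.4.0.16"  # Automate extension prerequisite from the advisory


def parse(version, width=4):
    """Turn '25.8' into (25, 8, 0, 0) so dotted versions compare numerically."""
    parts = [int(p) for p in version.strip().split(".")]
    return tuple(parts + [0] * (width - len(parts)))


def at_least(version, minimum):
    # Numeric comparison: as plain strings, "4.4.0.9" would sort above "4.4.0.16".
    return parse(version) >= parse(minimum)


def upgrade_plan(instance):
    """Return the outstanding remediation steps for one instance, in order."""
    if instance["hosting"] == "cloud":
        return []  # ConnectWise-hosted instances need no action
    steps = []
    ext = instance.get("automate_extension")  # None: no Automate integration
    if ext is not None and not at_least(ext, REQUIRED_AUTOMATE_EXT):
        # Listed first because it must precede the server upgrade.
        steps.append(f"update Automate extension {ext} -> {REQUIRED_AUTOMATE_EXT}")
    server = instance["server"]
    if not at_least(server, FIXED_SERVER):
        steps.append(f"upgrade server {server} -> {FIXED_SERVER}")
        server = FIXED_SERVER
    behind = [g for g in instance.get("guests", []) if not at_least(g, server)]
    if behind:
        steps.append(f"sync {len(behind)} guest client(s) to {server}")
    return steps


# Constructed inventory; names and version values are illustrative only.
INVENTORY = {
    "hosted": {"hosting": "cloud", "server": "25.7"},
    "onprem-automate": {"hosting": "on-prem", "server": "25.6",
                        "automate_extension": "4.4.0.9",
                        "guests": ["25.6", "25.4"]},
    "onprem-done": {"hosting": "on-prem", "server": "25.8", "guests": ["25.8"]},
}

if __name__ == "__main__":
    for name, inst in INVENTORY.items():
        print(name, upgrade_plan(inst) or ["no action"])
```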
The ScreenConnect 25.8 patch implements strengthened server-side validation mechanisms and enforces comprehensive integrity checks for all extension installations.
These improvements collectively enhance platform security posture and maintain overall system stability during the upgrade process.
The post Critical ScreenConnect Vulnerability Allows Attackers to Expose Sensitive Configuration Data appeared first on Cyber Security News.