Remediation and Hardening Guide for ConnectWise ScreenConnect

This guide provides remediation and hardening recommendations for addressing critical vulnerabilities in the ConnectWise ScreenConnect application, specifically CVE-2024-1708 and CVE-2024-1709, which were announced on February 19, 2024. The document outlines necessary actions for both cloud-based and on-premises users. For cloud-based controllers, no action is required as patches have been applied. However, on-premises users are advised to review the guide for suggested actions. The document details proactive preparation steps, initial investigative actions, and remediation steps to mitigate risks associated with the vulnerabilities. It emphasizes the importance of updating to the latest version of ScreenConnect, enabling advanced audit logging, and isolating impacted servers for forensic review. Additionally, it includes recommendations for monitoring and securing the application against potential exploitation, ensuring that organizations can effectively respond to the identified vulnerabilities and protect their environments.