CVE-2026-3564

9.0

Critical

Published:17 Mar 2026

Last updated:17 Jun 2026

Source:7d616e1a-3288-43b1-a0dd-0a65d3e70a49

Awaiting Analysis

Weakness (CWE)

CWE-347CWE-347

CVSS Vector

v3.1

Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Changed
Confidentiality: High
Integrity: High
Availability: High

View on MITRE Find PoC on GitHub

Description

A condition in ScreenConnect may allow an actor with access to server-level cryptographic material used for authentication to obtain unauthorized access, including elevated privileges, in certain scenarios.

References

7d616e1a-3288-43b1-a0dd-0a65d3e70a49

https://www.connectwise.com/company/trust/security-bulletins/2026-03-17-screenconnect-bulletin