ConnectWise ScreenConnect is a software that Managed Service Providers use to monitor and manage systems remotely. On February 19th, ConnectWise issued an advisory that all versions below 23.9.8 of ScreenConnect had two vulnerabilities (CVE-2024-1709 and CVE-2024-1708) and urged their users to patch immediately. This carried a CVSS Score of 10 (highest severity).
Nucleus received notice on Monday, February 19th and patched within 2 hours of ConnectWise publishing the alert and releasing the patch. At that time, this vulnerability had not been exploited in the wild. In summary: