.png?width=220&height=44&name=Nuc-logo-sketched-1%20(1).png "Nuc-logo-sketched-1 (1)"){kind=logo}
At Nucleus Networks, we understand that in today's digital landscape, security is paramount. Recently, we were alerted to a critical vulnerability in ConnectWise ScreenConnect that had the potential to compromise Client systems. Within one hour of receiving this alert, our dedicated team of experts sprang into action, effectively neutralizing the threat and ensuring the continued safety of Client data.
The Vulnerability in Question
The vulnerability we encountered was a severe one, identified as CVE-2024-1709 and CVE-2024-1708, which could allow anonymous attackers to exploit an authentication bypass flaw to create admin accounts on publicly exposed instances. This could lead to unauthorized access, data exfiltration, and potential deployment of ransomware and malware. Recognizing the gravity of the situation, we prioritized this issue above all else. Our team worked tirelessly to identify the root cause, implement a fix, and verify that all systems were secure.
ScreenConnect 25.2.4 Security Patch
Continuous Improvement: Our Core Value
We live what we preach. Security is not just a checkbox for us. It is deeply engrained in our Continuous improvement core value. This incident is a perfect example of how we constantly strive to enhance our processes and protocols.
Our swift action on the critical vulnerability showcases our dedication to not only addressing immediate threats but also learning from each experience to better protect our clients in the future. We are always looking for ways to improve our security measures and ensure that we stay ahead of potential threats.
Behind the Scenes: Our Security Protocols
While we may not always communicate the intricate details or extensive behind the scenes work provided regarding our security measures, rest assured that we are constantly vigilant. Our team of IT professionals are always on the lookout for potential threats, conducting regular audits, and staying updated with the latest security trends. This incident is a perfect example of how our behind-the-scenes efforts translate into real-world protection for our clients.
We are incredibly proud of our team's ability to respond to this critical vulnerability within just one hour. This swift action not only mitigated the immediate threat but also reinforced our clients' trust in our capabilities. Our rapid response is a reflection of our expertise, dedication, and the robust security protocols we have in place.
You don’t have to just take our word for it. Our claims are backed up and audited annually by a third party as part of our SOC2 Type II accreditation.
