THREATOPS
THREAT OPSCVEs › CVE-2025-3935

CVE-2025-3935 — ConnectWise ScreenConnect Improper Authentication Vulnerability

CISA KEVExploited: confirmedConnectWise

ConnectWise ScreenConnect contains an improper authentication vulnerability. This vulnerability could allow a ViewState code injection attack, which could allow remote code execution if machine keys are compromised.

Vulnerability details