ConnectWise has issued a safety replace for ScreenConnect™ to deal with a essential vulnerability that might allow attackers to reveal delicate configuration information and set up untrusted extensions.
The flaw, recognized as CVE-2025-14265, impacts solely the ScreenConnect server part, leaving host and visitor purchasers unaffected.
The vulnerability stems from improper code integrity validation throughout extension installations, categorized beneath CWE-494 (Obtain of Code With out Integrity Test).
With a CVSS 3.1 base rating of 9.1, CVE-2025-14265 falls into the “Necessary” severity class. Indicating potential compromise of confidential information or sources beneath particular situations.
CVE IDCWE IDDescriptionBase ScoreCVE-2025-14265CWE-494Download of Code With out Integrity Check9.1
Exploitation requires licensed or administrative-level entry, and ConnectWise has confirmed that there isn’t a proof of energetic exploitation within the wild.
Nevertheless, the vulnerability’s essential ranking and network-based assault vector (AV: N) underscore the significance of instant remediation.
The ScreenConnect 25.8 patch strengthens server-side validation, enforces integrity checks for extension installations, and enhances total platform safety.
All variations of ScreenConnect earlier than 25.8 are affected and require an instantaneous replace. For cloud-hosted installations on screenconnect.com or hostedrmm.com, updates have been mechanically utilized.
On-premises companions should improve to ScreenConnect model 25.8 and replace visitor purchasers accordingly.
Companions with Automate integration ought to first affirm their Automate ScreenConnect Extension is up to date to model 4.4.0.16 earlier than upgrading to ScreenConnect 25.8.
ConnectWise assigns this vulnerability a Precedence 2 – Reasonable ranking and recommends updating it inside 30 days by way of regular change administration processes.
Organizations ought to prioritize patching to forestall potential unauthorized entry to delicate configuration information and keep a safe distant entry infrastructure.
Observe us on Google Information, LinkedIn, and X for each day cybersecurity updates. Contact us to characteristic your tales.
