Actively Exploited Vulnerabilities Just Got Flagged by CISA
What is it?
The Cybersecurity and Infrastructure Security Agency (CISA) has added two vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog—meaning they are already being used in real-world attacks.
The issues impact:
- ConnectWise ScreenConnect
- Microsoft Windows
The vulnerabilities:
- CVE-2024-1708 (CVSS 8.4)
Path traversal flaw in ScreenConnect that can lead to remote code execution and access to sensitive systems. - CVE-2026-32202 (CVSS 4.3)
Windows Shell vulnerability allowing network spoofing attacks due to a protection failure.
Both are confirmed to be actively exploited.
Why should you care?
This isn’t theoretical risk—these vulnerabilities are already being used.
- The ScreenConnect flaw has been chained with a critical authentication bypass (CVE-2024-1709) to deploy ransomware like Medusa.
- Microsoft has confirmed active exploitation of the Windows flaw shortly after updating its advisory.
- Researchers tied related activity back to APT28, a known state-sponsored threat group targeting Ukraine and EU organizations.
- Threat actors (including those tracked as Storm-1175) are leveraging these weaknesses to gain access and move quickly.
Bottom line:
If these systems are exposed or unpatched, attackers don’t need much effort—they already know how to get in.
What can you do?
Keep it simple and move quickly:
- Patch immediately
- ScreenConnect → February 2024 fix
- Windows → April 2026 update
- Check remote access tools
Anything exposed to the internet (especially ScreenConnect) should be reviewed and locked down. - Look for unusual activity
Failed logins, unexpected sessions, or unknown connections. - Layer your defenses
Endpoint detection, monitoring, and strong access controls matter here. - Don’t assume “low score = low risk”
The Windows flaw has a lower CVSS score—but it’s still being exploited.
Britec helps
Threats move fast. Patching and hoping isn’t a strategy.
Britec helps you stay ahead with proactive monitoring, patch management, and real-world security that’s built on experience—not guesswork.
Let’s keep it fun.
