A condition in the ScreenConnect server component may allow an actor with access to server-level cryptographic material used for authentication to obtain unauthorized access, including elevated privileges, in certain scenarios. ScreenConnect host and guest client agents are not independently affected by this CVE.
History

Thu, 09 Jul 2026 18:00:00 +0000

Type Values Removed Values Added
Description A condition in ScreenConnect may allow an actor with access to server-level cryptographic material used for authentication to obtain unauthorized access, including elevated privileges, in certain scenarios. A condition in the ScreenConnect server component may allow an actor with access to server-level cryptographic material used for authentication to obtain unauthorized access, including elevated privileges, in certain scenarios. ScreenConnect host and guest client agents are not independently affected by this CVE.

Wed, 18 Mar 2026 12:15:00 +0000

Type Values Removed Values Added
First Time appeared Connectwise
Connectwise screenconnect
Vendors & Products Connectwise
Connectwise screenconnect

Tue, 17 Mar 2026 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 17 Mar 2026 15:15:00 +0000

Type Values Removed Values Added
Description A condition in ScreenConnect may allow an actor with access to server-level cryptographic material used for authentication to obtain unauthorized access, including elevated privileges, in certain scenarios.
Title ScreenConnect Instance Level Cryptographic Material Exposure
Weaknesses CWE-347
References
Metrics cvssV3_1

{'score': 9, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: ConnectWise

Published:

Updated: 2026-07-09T17:20:18.051Z

Reserved: 2026-03-04T20:04:12.757Z

Link: CVE-2026-3564

cve-icon Vulnrichment

Updated: 2026-03-17T15:24:45.359Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-03-17T15:16:19.253

Modified: 2026-06-17T10:43:47.793

Link: CVE-2026-3564

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-07-15T12:15:06Z