CVE-2026-3564

March 18, 2026, 2:52 p.m.

9.0
Critical

Description

A condition in ScreenConnect may allow an actor with access to server-level cryptographic material used for authentication to obtain unauthorized access, including elevated privileges, in certain scenarios.

Product(s) Impacted

Vendor Product Versions
Screenconnect
  • Screenconnect
  • *

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-347
Improper Verification of Cryptographic Signature
The product does not verify, or incorrectly verifies, the cryptographic signature for data.

*CPE(s)

Affected systems and software identified for this CVE.

Type Vendor Product Version Update Edition Language Software Edition Target Software Target Hardware Other Information
a screenconnect screenconnect / / / / / / / /

References

https://www.connectwise.com/company/trust/security-bulletins/2026-03-17-screenconnect-bulletin

Tags

CWE-347
7d616e1a-3288-43b1-a0dd-0a65d3e70a49
2026-03-17
CVE-2026-3564

CVSS Score

9.0 / 10

CVSS Data - 3.1

  • Attack Vector: NETWORK
  • Attack Complexity: HIGH
  • Privileges Required: NONE
  • Scope: CHANGED
  • Confidentiality Impact: HIGH
  • Integrity Impact: HIGH
  • Availability Impact: HIGH

    • CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

    View Vector String

Timeline

Published: March 17, 2026, 3:16 p.m.
Last Modified: March 18, 2026, 2:52 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

7d616e1a-3288-43b1-a0dd-0a65d3e70a49

Linked Attack Reports

March 2026 CVE Landscape: 31 High-Impact Vulnerabilities Identified, Interlock Ransomware Group Exploits Cisco FMC Zero-Day

In March 2026, 31 high-impact vulnerabilities were identified requiring prioritization for remediation, with 29 receiving Very Critical Risk Scores. Affected vendors included Cisco, Microsoft, Google, ConnectWise, and others, with Microsoft and Apple accounting for approximately 32% of vulnerabilit…
ransomware
remote code execution
deserialization vulnerability
CVE-2025-32432
CVE-2025-54068
CVE-2025-26399
CVE-2025-53521
CVE-2025-68613
CVE-2026-20963
CVE-2026-27483
CVE-2026-21385
CVE-2021-30952
CVE-2023-41974
plasmagrid
CVE-2026-20131
CVE-2026-27944
CVE-2017-7921
CVE-2026-21262
CVE-2026-25187
CVE-2026-26127
CVE-2026-3909
CVE-2026-3910
CVE-2026-3564
ghostblade
ghostknife
ghostsaber
CVE-2026-33017
CVE-2026-3055
CVE-2026-33634
CVE-2026-33032
2026-04-14
cisco fmc
ios exploit kit
plasmaloader
zero-day exploitation
Published: April 14, 2026
Linked vulnerabilities : CVE-2025-32432 (CVSS 10.0), CVE-2025-54068 (CVSS 9.2), CVE-2025-26399 (CVSS 9.8), CVE-2025-53521 (CVSS 8.7), CVE-2025-68613 (CVSS 9.9), CVE-2026-20963 (CVSS 8.8), CVE-2026-27483 (CVSS 8.8), CVE-2026-21385 (CVSS 7.8), CVE-2023-41974, CVE-2021-30952, CVE-2026-20131 (CVSS 10.0), CVE-2026-27944 (CVSS 9.8), CVE-2017-7921, CVE-2026-21262 (CVSS 8.8), CVE-2026-25187 (CVSS 7.8), CVE-2026-26127 (CVSS 7.5), CVE-2026-3909 (CVSS 8.8), CVE-2026-3910 (CVSS 8.8), CVE-2026-3564 (CVSS 9.0), CVE-2026-33017 (CVSS 9.3), CVE-2026-3055 (CVSS 9.3), CVE-2026-33634 (CVSS 9.4), CVE-2026-33032 (CVSS 9.8)
Downloadable IOCs: 2

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.