{"api_version":"1","generated_at":"2026-04-23T01:13:04+00:00","cve":"CVE-2023-25718","urls":{"html":"https://cve.report/CVE-2023-25718","api":"https://cve.report/api/cve/CVE-2023-25718.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2023-25718","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2023-25718"},"summary":{"title":"CVE-2023-25718","description":"** DISPUTED ** In ConnectWise Control through 22.9.10032 (formerly known as ScreenConnect), after an executable file is signed, additional instructions can be added without invalidating the signature, such as instructions that result in offering the end user a (different) attacker-controlled executable file. It is plausible that the end user may allow the download and execution of this file to proceed. There are ConnectWise Control configuration options that add mitigations. NOTE: this may overlap CVE-2023-25719. NOTE: the vendor's position is that this purported vulnerability represents a \"fundamental lack of understanding of Authenticode code signing behavior.\"","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2023-02-13 20:15:00","updated_at":"2023-11-07 04:09:00"},"problem_types":["CWE-347"],"metrics":[],"references":[{"url":"https://cybir.com/2022/cve/connectwise-control-dns-spoofing-poc/","name":"https://cybir.com/2022/cve/connectwise-control-dns-spoofing-poc/","refsource":"MISC","tags":[],"title":"Proof Of Concept: Connectwise Control Screenconnect Signed Executable to Arbitrary Code Execution via ARP Poisoning / DNS Hijacking / Unsanitized Client Parameters or Host Headers with CVE-2020-3147 (Cisco Sx / SMB Series Switches) - CYBIR - Cyber Security, Incident Response, & Digital Forensics","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.huntress.com/blog/clearing-the-air-overblown-claims-of-vulnerabilities-exploits-severity","name":"https://www.huntress.com/blog/clearing-the-air-overblown-claims-of-vulnerabilities-exploits-severity","refsource":"MISC","tags":[],"title":"Clearing the Air: Overblown Claims of Vulnerabilities, Exploits & Severity","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.connectwise.com/blog/cybersecurity/the-importance-of-responsible-security-disclosures","name":"https://www.connectwise.com/blog/cybersecurity/the-importance-of-responsible-security-disclosures","refsource":"MISC","tags":[],"title":"The Importance of Responsible Security Disclosures","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.connectwise.com","name":"https://www.connectwise.com","refsource":"MISC","tags":[],"title":"MSP Technology | IT Management Software | ConnectWise","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2023-25718","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-25718","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2023","cve_id":"25718","vulnerable":"1","versionEndIncluding":"22.9.10032","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"connectwise","cpe5":"control","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2023-25718","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"** DISPUTED ** In ConnectWise Control through 22.9.10032 (formerly known as ScreenConnect), after an executable file is signed, additional instructions can be added without invalidating the signature, such as instructions that result in offering the end user a (different) attacker-controlled executable file. It is plausible that the end user may allow the download and execution of this file to proceed. There are ConnectWise Control configuration options that add mitigations. NOTE: this may overlap CVE-2023-25719. NOTE: the vendor's position is that this purported vulnerability represents a \"fundamental lack of understanding of Authenticode code signing behavior.\""}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"url":"https://www.connectwise.com","refsource":"MISC","name":"https://www.connectwise.com"},{"refsource":"MISC","name":"https://cybir.com/2022/cve/connectwise-control-dns-spoofing-poc/","url":"https://cybir.com/2022/cve/connectwise-control-dns-spoofing-poc/"},{"refsource":"MISC","name":"https://www.huntress.com/blog/clearing-the-air-overblown-claims-of-vulnerabilities-exploits-severity","url":"https://www.huntress.com/blog/clearing-the-air-overblown-claims-of-vulnerabilities-exploits-severity"},{"refsource":"MISC","name":"https://www.connectwise.com/blog/cybersecurity/the-importance-of-responsible-security-disclosures","url":"https://www.connectwise.com/blog/cybersecurity/the-importance-of-responsible-security-disclosures"}]}},"nvd":{"publishedDate":"2023-02-13 20:15:00","lastModifiedDate":"2023-11-07 04:09:00","problem_types":["CWE-347"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":9.8,"baseSeverity":"CRITICAL"},"exploitabilityScore":3.9,"impactScore":5.9}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:connectwise:control:*:*:*:*:*:*:*:*","versionEndIncluding":"22.9.10032","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}