| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| CVE-2025-3935 | ConnectWise ScreenConnect Improper Authentication Vulnerability | exploitation_technique | T1203 | Exploitation for Client Execution |
Comments
By exploiting this vulnerability, which stems from ASP.NET and its use of ViewState, an attacker with privileged access can gain access to sensitive data, such as machine keys. By using these machine keys, the attacker can craft malicious ViewState payloads to execute remote code on the ScreenConnect server.
References
|
| CVE-2025-3935 | ConnectWise ScreenConnect Improper Authentication Vulnerability | primary_impact | T1059 | Command and Scripting Interpreter |
Comments
By exploiting this vulnerability, which stems from ASP.NET and its use of ViewState, an attacker with privileged access can gain access to sensitive data, such as machine keys. By using these machine keys, the attacker can craft malicious ViewState payloads to execute remote code on the ScreenConnect server.
References
|