Paul Whiting

**Name of the Vulnerable Software and Affected Versions** ScreenConnect versions prior to 25.8 **Description** The ScreenConnect server component, in versions prior to 25.8, has insufficient server-side validation and integrity checks within its extension subsystem. This allows the installation and execution of untrusted or arbitrary extensions by authorized or administrative users. Successful exploitation could lead to the execution of custom code on the server or unauthorized access to application configuration data. Approximately 177,400 instances are potentially exposed. The issue impacts only the server component, and host and guest clients are not affected. The extension framework lacks proper validation, potentially enabling remote code execution through malicious extensions. **Recommendations** Update ScreenConnect to version 25.8 to benefit from enhanced server-side configuration handling and integrity checks.