Unrated severityNVD Advisory· Published Mar 17, 2026· Updated Mar 18, 2026

ScreenConnect Instance Level Cryptographic Material Exposure

CVE-2026-3564

Description

A condition in ScreenConnect may allow an actor with access to server-level cryptographic material used for authentication to obtain unauthorized access, including elevated privileges, in certain scenarios.

Affected products

Connectwise/Screenconnectv5
Range: All versions prior to 26.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.connectwise.com/company/trust/security-bulletins/2026-03-17-screenconnect-bulletinmitre

News mentions

CloudZ RAT potentially steals OTP messages using Pheno plugin
Cisco Talos Intelligence · May 5, 2026
Phishing Campaign Hits 80+ Orgs Using SimpleHelp and ScreenConnect RMM Tools
The Hacker News · May 4, 2026
TeamPCP Weekly Analysis: 2026-W18 (2026-04-27 through 2026-05-03), (Mon, May 4th)
SANS Internet Storm Center · May 4, 2026
CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEV
The Hacker News · Apr 29, 2026
23rd March – Threat Intelligence Report
Check Point Research · Mar 23, 2026
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Alerts

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000