ConnectWise's ScreenConnect software has been found to have critical vulnerabilities, including an authentication bypass leading to remote code execution. Security experts warn that the exploitation of these flaws is trivial and actively happening in the wild. Researchers have recreated the exploit and shared details, with CVEs assigned for the vulnerabilities. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued warnings and deadlines related to the vulnerabilities, with reports of ransomware attacks exploiting the flaws.