diff --git a/cases/CG-2024-00002/index.html b/cases/CG-2024-00002/index.html
index 5707abd..a1e5600 100644
--- a/cases/CG-2024-00002/index.html
+++ b/cases/CG-2024-00002/index.html
@@ -186,12 +186,12 @@ Soufian El Yadmani
Researchers: Chris Heald, Gabriel Tarsia, Michael Rowley, Soufian El Yadmani, Tuhin Mukherjee, Victor Gevers, Brad Lynch.
- CVE: n/a
+ CVE(s):CVE-2024-1708, CVE-2024-1709
Product: ScreenConnect
Vulnerable Versions: ScreenConnect 23.9.7 and prior
Vendor Statement: https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8
- Published: 21 Feb 2024 13:00 CET
- Last updated: 21 Feb 2024 17:48 CET
+ Published: 21 Feb 2024 13:00 CET
+ Last updated: 21 Feb 2024 18:26 CET
Summary
ConnectWise addressed ScreenConnect vulnerabilities enabling unauthorized administrator account creation, with an exploit elevating the risk. No CVEs assigned. Immediate update to version 23.9.8 required for self-hosted/on-premise users. Confirmed compromised accounts and associated threat actor IP addresses are shared on the ConnectWise website.