ConnectWise ScreenConnect is actively exploited by Storm-1175 in the Medusa ransomware campaign via authentication bypass (CVE-2024-1709, CWE-306) and path traversal (CVE-2024-1708) vulnerabilities targeting internet-facing remote access infrastructure. The sub-24-hour ransomware deployment timeline means unpatched instances represent an immediate ransomware staging risk. Prioritize patching or offline isolation of all internet-facing ScreenConnect instances and review web server logs for path traversal patterns consistent with CVE-2024-1709 exploitation.