Pending Review

Ability to Approve newly installed unattended access devices before they are added

jeff weinman 10 months ago 0

If installers get in the wrong hands, unknown unattended access devices are added. This could allow an adversary to gather information about a ScreenConnect instance to potentially attack it. Additionally, it's common to get rogue devices show up. When unattended access is installed, we would like the device to go into a holding position and need approval before it's fully accessible in the system. Our RMM does this and it works well. Ideally, there should be minimal communication with the agent while it's waiting for approval to avoid an adversary mapping things out.