CVE-2024-57726

CVSS 9.9 CRITICAL · EPSS 9.3% · KEV · CWE-862
In short

SimpleHelp remote support software versions 5.5.7 and earlier allow technicians with basic permissions to create API keys that grant them full admin access. An attacker with low-level technician access can abuse this to take complete control of the server.

Technical detail

The missing authorization check (CWE-862) lets insufficiently privileged technicians generate API keys with unrestricted permissions, enabling privilege escalation from the technician role to server administrator. The vulnerability affects SimpleHelp v5.5.7 and prior; exploitation requires valid technician credentials, but no server-side control validates the permission scope of the API keys a technician creates.
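The defect described above is a missing server-side comparison between the scope a caller asks for and the scope the caller actually holds. The following is an added illustration of that pattern and its fix, not SimpleHelp code and not its real API: the role names, permission strings and function names are assumptions. The vulnerable issuance path hands out whatever scope is requested; the hardened one refuses any permission the creator does not hold, and an audit helper flags already-issued keys whose scope exceeds their owner's role.

```python
"""CWE-862 in an API-key issuance path: vulnerable vs. hardened.

Hypothetical example. Role names, permission strings and function names
are constructed for illustration; nothing here is SimpleHelp's code.
"""
from dataclasses import dataclass
import secrets

# Constructed role model: each role's effective permission set (assumption).
ROLE_PERMISSIONS = {
    "technician": {"session:join", "session:chat", "machine:view"},
    "admin": {"session:join", "session:chat", "machine:view",
              "machine:manage", "technician:manage", "server:config"},
}
ALL_PERMISSIONS = frozenset().union(*ROLE_PERMISSIONS.values())


@dataclass(frozen=True)
class Principal:
    name: str
    role: str

    @property
    def permissions(self) -> frozenset:
        return frozenset(ROLE_PERMISSIONS[self.role])


@dataclass(frozen=True)
class ApiKey:
    token: str
    owner: str
    scope: frozenset


class AuthorizationError(PermissionError):
    pass


def create_api_key_vulnerable(caller: Principal, requested_scope) -> ApiKey:
    """Missing authorization: the caller is authenticated, but the requested
    scope is never compared with the caller's own permissions, so a
    technician can mint a key carrying admin-level permissions."""
    return ApiKey(secrets.token_urlsafe(32), caller.name, frozenset(requested_scope))


def create_api_key_hardened(caller: Principal, requested_scope) -> ApiKey:
    """Server-side scope check: reject unknown permission strings and any
    permission the creator does not hold, so a key can never exceed its
    creator's effective rights."""
    requested = frozenset(requested_scope)
    unknown = requested - ALL_PERMISSIONS
    if unknown:
        raise AuthorizationError(f"unknown permissions requested: {sorted(unknown)}")
    excess = requested - caller.permissions
    if excess:
        # Worth logging as a security event: a principal asked for rights it lacks.
        raise AuthorizationError(
            f"{caller.name} ({caller.role}) may not grant: {sorted(excess)}")
    return ApiKey(secrets.token_urlsafe(32), caller.name, requested)


def key_can(key: ApiKey, permission: str) -> bool:
    return permission in key.scope


def find_overprivileged_keys(keys, principals):
    """Audit helper for defenders: return (token, excess_permissions) for every
    key whose scope exceeds what its owner's role grants. Useful for reviewing
    keys issued before the scope check existed."""
    by_name = {p.name: p for p in principals}
    findings = []
    for key in keys:
        owner = by_name.get(key.owner)
        excess = key.scope - (owner.permissions if owner else frozenset())
        if excess:
            findings.append((key.token, sorted(excess)))
    return findings


def demo():
    """Technician requests the full admin permission set on both paths.
    Returns (escalated_on_vulnerable_path, blocked_on_hardened_path)."""
    tech = Principal("tech1", "technician")
    wanted = ROLE_PERMISSIONS["admin"]
    bad_key = create_api_key_vulnerable(tech, wanted)
    escalated = key_can(bad_key, "server:config")
    try:
        create_api_key_hardened(tech, wanted)
        blocked = False
    except AuthorizationError:
        blocked = True
    return escalated, blocked


if __name__ == "__main__":
    print(demo())
```

The hardened check compares sets rather than role labels, so it also blocks partial escalation (a technician asking for only `server:config`) and keeps working if roles are later added or reshaped. The audit helper shows the other half of the response: once issuance is fixed, existing keys still need to be reviewed and any over-scoped ones revoked.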

Summary generated and translated by AI from the official description.
SimpleHelp remote support software v5.5.7 and before has a vulnerability that allows low-privileges technicians to create API keys with excessive permissions. These API keys can be used to escalate privileges to the server admin role.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Affected products
n/a · n/a
