PT-2025-1272 · Unknown · Simplehelp
Published 2025-01-15 · Updated 2026-05-25 · CVE-2024-57726
CVSS v3.1: 9.9 Critical
Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: SimpleHelp remote support software versions 5.5.7 and before
Description: The issue allows low-privilege technicians to create API keys with excessive permissions, which can be used to escalate privileges to the server admin role. Attackers can also upload arbitrary files to the SimpleHelp server and escalate privileges, allowing remote code execution (RCE). Attackers are exploiting these flaws in preparation for ransomware deployment: gaining access, establishing persistence, and moving laterally.
Recommendations: SimpleHelp remote support software versions 5.5.7 and before: update to a version that includes a fix for this issue, so that low-privilege technicians can no longer create API keys with excessive permissions, and to reduce the risk of ransomware attacks. As a temporary workaround, consider restricting the creation of API keys and limiting technician privileges to minimize the risk of exploitation.

Tags: Fix · RCE
Weakness Enumeration: Missing Authorization · Improper Privilege Management

Related Identifiers: BDU:2025-00724, CVE-2024-57726
Affected Products: Simplehelp