Critical Vulnerabilities in SimpleHelp Software Exploited
Severity: High (Score: 72.8)
Sources: nvd.nist.gov
Summary
Two critical vulnerabilities have been identified in SimpleHelp remote support software versions 5.5.7 and earlier. CVE-2024-57728 allows admin users to upload arbitrary files, potentially executing arbitrary code on the host system. CVE-2024-57726 enables low-privilege technicians to create API keys with excessive permissions, facilitating privilege escalation to server admin roles. Both vulnerabilities were published on January 15, 2025, and were added to the CISA Known Exploited Vulnerabilities Catalog on April 24, 2026, indicating active exploitation. Organizations using affected versions are at risk of unauthorized access and control. Immediate action is recommended to mitigate these vulnerabilities. Reference CISA's BOD 22-01 for further guidance.
Key Points:
- CVE-2024-57728 allows arbitrary file uploads, risking code execution.
- CVE-2024-57726 permits privilege escalation via excessive API key permissions.
- Both vulnerabilities are actively exploited as of April 24, 2026.
Key Entities
- Zero-day Exploit (attack_type)
- CVE-2024-57726 (cve)
- CVE-2024-57728 (cve)
- CWE-22 - Path Traversal (cwe)
- CWE-862 - Missing Authorization (cwe)
- Zip Slip (vulnerability)