CVE-2024-57726 Information

Description

SimpleHelp remote support software v5.5.7 and before has a vulnerability that allows low-privileges technicians to create API keys with excessive permissions. These API keys can be used to escalate privileges to the server admin role.

Reference

https://simple-help.com/kb—security-vulnerabilities-01-2025#security-vulnerabilities-in-simplehelp-5-5-7-and-earlier https://www.horizon3.ai/attack-research/disclosures/critical-vulnerabilities-in-simplehelp-remote-support-software/