CVE-2024-57726

CVSS 9.9 (CRITICAL) · EPSS 0.3% · Published 2025-01-15

SimpleHelp remote support software v5.5.7 and earlier has a vulnerability that allows low-privileged technicians to create API keys with excessive permissions. These API keys can be used to escalate privileges to the server admin role.

CVSS v3 vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Weaknesses (CWE)

NVD-CWE-noinfo, CWE-862
