Vulnerability Details CVE-2024-57726
SimpleHelp remote support software v5.5.7 and before has a vulnerability that allows low-privileges technicians to create API keys with excessive permissions. These API keys can be used to escalate privileges to the server admin role.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.492
EPSS Ranking 97.8%
CVSS Severity
CVSS v3 Score 9.9
Proposed Action
SimpleHelp contains a missing authorization vulnerability that could allow low-privileged technicians to create API keys with excessive permissions. These API keys can be used to escalate privileges to the server admin role.
Ransomware Campaign
Unknown
References
- https://simple-help.com/kb---security-vulnerabilities-01-2025#security-vulnerabilities-in-simplehelp-5-5-7-and-earlier
- https://www.horizon3.ai/attack-research/disclosures/critical-vulnerabilities-in-simplehelp-remote-support-software/
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-57726
- https://www.microsoft.com/en-us/security/blog/2026/04/06/storm-1175-focuses-gaze-on-vulnerable-web-facing-assets-in-high-tempo-medusa-ransomware-operations/
- https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-dragonforce
Products affected by CVE-2024-57726
-
cpe:2.3:a:simple-help:simplehelp:-
-
cpe:2.3:a:simple-help:simplehelp:5.0.0
-
cpe:2.3:a:simple-help:simplehelp:5.0.1
-
cpe:2.3:a:simple-help:simplehelp:5.0.10
-
cpe:2.3:a:simple-help:simplehelp:5.0.11
-
cpe:2.3:a:simple-help:simplehelp:5.0.12
-
cpe:2.3:a:simple-help:simplehelp:5.0.13
-
cpe:2.3:a:simple-help:simplehelp:5.0.14
-
cpe:2.3:a:simple-help:simplehelp:5.0.15
-
cpe:2.3:a:simple-help:simplehelp:5.0.16
-
cpe:2.3:a:simple-help:simplehelp:5.0.17
-
cpe:2.3:a:simple-help:simplehelp:5.0.18
-
cpe:2.3:a:simple-help:simplehelp:5.0.19
-
cpe:2.3:a:simple-help:simplehelp:5.0.2
-
cpe:2.3:a:simple-help:simplehelp:5.0.20
-
cpe:2.3:a:simple-help:simplehelp:5.0.3
-
cpe:2.3:a:simple-help:simplehelp:5.0.4
-
cpe:2.3:a:simple-help:simplehelp:5.0.5
-
cpe:2.3:a:simple-help:simplehelp:5.0.6
-
cpe:2.3:a:simple-help:simplehelp:5.0.7
-
cpe:2.3:a:simple-help:simplehelp:5.0.8
-
cpe:2.3:a:simple-help:simplehelp:5.0.9
-
cpe:2.3:a:simple-help:simplehelp:5.1.0
-
cpe:2.3:a:simple-help:simplehelp:5.1.1
-
cpe:2.3:a:simple-help:simplehelp:5.1.2
-
cpe:2.3:a:simple-help:simplehelp:5.1.3
-
cpe:2.3:a:simple-help:simplehelp:5.1.4
-
cpe:2.3:a:simple-help:simplehelp:5.1.5
-
cpe:2.3:a:simple-help:simplehelp:5.1.6
-
cpe:2.3:a:simple-help:simplehelp:5.1.7
-
cpe:2.3:a:simple-help:simplehelp:5.1.8
-
cpe:2.3:a:simple-help:simplehelp:5.2.0
-
cpe:2.3:a:simple-help:simplehelp:5.2.1
-
cpe:2.3:a:simple-help:simplehelp:5.2.10
-
cpe:2.3:a:simple-help:simplehelp:5.2.11
-
cpe:2.3:a:simple-help:simplehelp:5.2.12
-
cpe:2.3:a:simple-help:simplehelp:5.2.13
-
cpe:2.3:a:simple-help:simplehelp:5.2.14
-
cpe:2.3:a:simple-help:simplehelp:5.2.15
-
cpe:2.3:a:simple-help:simplehelp:5.2.16
-
cpe:2.3:a:simple-help:simplehelp:5.2.17
-
cpe:2.3:a:simple-help:simplehelp:5.2.2
-
cpe:2.3:a:simple-help:simplehelp:5.2.3
-
cpe:2.3:a:simple-help:simplehelp:5.2.4
-
cpe:2.3:a:simple-help:simplehelp:5.2.5
-
cpe:2.3:a:simple-help:simplehelp:5.2.6
-
cpe:2.3:a:simple-help:simplehelp:5.2.7
-
cpe:2.3:a:simple-help:simplehelp:5.2.9
-
cpe:2.3:a:simple-help:simplehelp:5.3.0
-
cpe:2.3:a:simple-help:simplehelp:5.3.1
-
cpe:2.3:a:simple-help:simplehelp:5.3.2
-
cpe:2.3:a:simple-help:simplehelp:5.3.3
-
cpe:2.3:a:simple-help:simplehelp:5.3.4
-
cpe:2.3:a:simple-help:simplehelp:5.3.5
-
cpe:2.3:a:simple-help:simplehelp:5.3.6
-
cpe:2.3:a:simple-help:simplehelp:5.3.7
-
cpe:2.3:a:simple-help:simplehelp:5.3.8
-
cpe:2.3:a:simple-help:simplehelp:5.3.9
-
cpe:2.3:a:simple-help:simplehelp:5.4.0
-
cpe:2.3:a:simple-help:simplehelp:5.4.1
-
cpe:2.3:a:simple-help:simplehelp:5.4.10
-
cpe:2.3:a:simple-help:simplehelp:5.4.2
-
cpe:2.3:a:simple-help:simplehelp:5.4.3
-
cpe:2.3:a:simple-help:simplehelp:5.4.4
-
cpe:2.3:a:simple-help:simplehelp:5.4.5
-
cpe:2.3:a:simple-help:simplehelp:5.4.6
-
cpe:2.3:a:simple-help:simplehelp:5.4.7
-
cpe:2.3:a:simple-help:simplehelp:5.4.8
-
cpe:2.3:a:simple-help:simplehelp:5.4.9
-
cpe:2.3:a:simple-help:simplehelp:5.5.0
-
cpe:2.3:a:simple-help:simplehelp:5.5.1
-
cpe:2.3:a:simple-help:simplehelp:5.5.2
-
cpe:2.3:a:simple-help:simplehelp:5.5.3
-
cpe:2.3:a:simple-help:simplehelp:5.5.4
-
cpe:2.3:a:simple-help:simplehelp:5.5.5
-
cpe:2.3:a:simple-help:simplehelp:5.5.6
-
cpe:2.3:a:simple-help:simplehelp:5.5.7