CVE-2024-57726: SimpleHelp Missing Authorization Vulnerability. SimpleHelp

SimpleHelp Missing Authorization Vulnerability. SimpleHelp contains a missing authorization vulnerability that could allow low-privileged technicians to create API keys with excessive permissions. These API keys can be used to escalate privileges to the server admin role.

• CISA KEV-listed (remediation due 2026-05-08)
• used in ransomware campaigns
• EPSS 38.8% (97.4% percentile)

Browse the CVE database

Read the full analysis on IntelFusions