Vendor

SimpleHelp

3 briefs RSS

SimpleHelp Missing Authorization Vulnerability Leads to Privilege Escalation

A missing authorization vulnerability in SimpleHelp (CVE-2024-57726) allows low-privileged technicians to create API keys with excessive permissions, potentially escalating privileges to the server admin role.

SimpleHelp privilege-escalation missing-authorization cloud

2r 1t 1c Jun 25, 2024

critical advisory

SimpleHelp Path Traversal Vulnerability (CVE-2024-57728)

2 rules 3 TTPs 1 CVE

CVE-2024-57728 is a path traversal vulnerability in SimpleHelp that allows admin users to upload arbitrary files anywhere on the file system by uploading a crafted zip file, potentially leading to arbitrary code execution.

SimpleHelp cve-2024-57728 path-traversal zip-slip

2r 3t 1c Jun 25, 2024

medium advisory

Detection of Windows RMM Tool Execution

3 rules 1 TTP

Detects process creation events indicative of remote management tools, potentially signifying legitimate use or malicious exploitation by threat actors abusing RMM software.

AnyDesk +28 rmm remote-access sysmon

3r 1t Jan 3, 2024