SimpleHelp Software Snafu: Hackers Exploit Freshly Fixed Flaws for Fun and Profit
Attackers exploit SimpleHelp RMM software flaws, using vulnerabilities to breach networks, experts warn. Horizon3 discovered three vulnerabilities allowing unauthorized file access and privilege escalation. Despite patches, Arctic Wolf reports ongoing attacks targeting SimpleHelp servers. Experts recommend uninstalling unused software and rotating passwords to minimize risks.
Hot Take:
Who knew SimpleHelp could become SimpleHack? Looks like some cyber mischief-makers found the “easy button” for infiltrating networks via this RMM software. Time to patch up and lock down before your servers become the neighborhood hangout for hackers!
Key Points:
- Three vulnerabilities in SimpleHelp RMM software, CVE-2024-57726, CVE-2024-57727, and CVE-2024-57728, have been targeted by attackers.
- The flaws allow path traversal, arbitrary file uploads, and privilege escalation.
- SimpleHelp released a patch (version 5.3.9) on January 13, 2025, to address these issues.
- Attacks began shortly after vulnerabilities were publicly disclosed, targeting SimpleHelp servers for unauthorized access.
- Recommendations include uninstalling unused SimpleHelp software, rotating admin passwords, and limiting IP logins.
Already a member? Log in here