Summary: Hackers are exploiting recently patched vulnerabilities in SimpleHelp Remote Monitoring and Management software, gaining initial access to target networks. The vulnerabilities, identified as CVE-2024-57726, CVE-2024-57727, and CVE-2024-57728, enable attackers to upload and download files and escalate privileges. Arctic Wolf has reported on an ongoing campaign potentially linked to these flaws, urging users to upgrade to fixed versions or uninstall the software if not in use.
Affected: SimpleHelp Remote Monitoring and Management software
Keypoints :
- Three significant vulnerabilities allow access and privilege escalation: CVE-2024-57726, CVE-2024-57727, CVE-2024-57728.
- Arctic Wolf connects ongoing attacks to these flaws but has medium confidence in the link.
- Users are advised to upgrade to the latest patched versions or uninstall the software if not needed.
- 580 vulnerable instances are reported online, with 345 in the United States.
- Compromised systems show signs of pre-existing SimpleHelp installations used for remote support.