Summary: Arctic Wolf researchers have uncovered a campaign exploiting recently disclosed vulnerabilities in SimpleHelp RMM software, leading to potential unauthorized access to devices. The vulnerabilities could allow attackers to download and upload arbitrary files and escalate privileges for administrative access. Organizations are advised to update their software, enhance access controls, and monitor network traffic to mitigate these risks.
Affected: SimpleHelp RMM Software
Keypoints :
- Exploitation of vulnerabilities CVE-2024-57726, CVE-2024-57727, and CVE-2024-57728.
- Attackers can gain unauthorized access by chaining these vulnerabilities together.
- Recommendations include upgrading to patched versions, uninstalling unused clients, enhancing access controls, and monitoring network traffic for suspicious activity.
Source: https://securityonline.info/simplehelp-rmm-vulnerabilities-exploited-in-latest-cyberattack-campaign/