A recent security audit of SimpleHelp revealed three critical vulnerabilities that could compromise both the server and client machines. These vulnerabilities include unauthenticated path traversal, arbitrary file upload leading to remote code execution, and privilege escalation from technician to admin. SimpleHelp has since patched these vulnerabilities, and users are urged to upgrade to the latest versions. Affected: SimpleHelp
Keypoints :
- Two notable zero-day vulnerabilities were reported affecting popular remote support software.
- SimpleHelp was identified as a remote support tool used by several users.
- Three significant vulnerabilities were discovered during a security audit of SimpleHelp.
- Vulnerabilities were patched quickly after disclosure to SimpleHelp’s support team.
- Users are encouraged to upgrade to the latest SimpleHelp versions (5.5.8, 5.4.10, or 5.3.9) immediately.
MITRE Techniques :
- TA0001: Initial Access – Unauthenticated path traversal vulnerability allows attackers to download arbitrary files.
- TA0002: Execution – Arbitrary file upload vulnerability enables remote code execution when logged in as admin.
- TA0003: Privilege Escalation – Missing backend authorization checks allow technicians to elevate privileges to admin.
Full Research: https://www.horizon3.ai/attack-research/disclosures/critical-vulnerabilities-in-simplehelp-remote-support-software/