SimpleHelp remote support software v5.5.7 and before has a vulnerability that allows low-privileges technicians to create API keys with excessive permissions. These API keys can be used to escalate privileges to the server admin role.
CVE ID: CVE-2024-57726
Vendor: n/a
Product: n/a
EPSS Score: 0.05% (probability of being exploited)
EPSS Percentile: 21.58% (scored less or equal to compared to others)
EPSS Date: 2025-02-13 (when was this score calculated)