Arbitrary File Upload Vulnerability in SimpleHelp Remote Support Software
CVE-2024-57728
Key Information:
- Vendor: SimpleHelp
- CVE Published: 15 January 2025
What is CVE-2024-57728?
The SimpleHelp Remote Support Software, versions 5.5.7 and earlier, is susceptible to an arbitrary file upload vulnerability. This flaw allows admin users to upload specially crafted zip files, which can exploit a phenomenon known as 'zip slip'. By leveraging this vulnerability, malicious actors can potentially upload arbitrary files to any directory on the file system, leading to unauthorized code execution in the context of the server user, creating a serious security risk for businesses relying on this software. Users are advised to update to the latest version to mitigate the threat.
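As an added example (not code from SimpleHelp or from this page), this is the server-side check that defeats zip slip: every archive entry is resolved against the extraction root, and any entry that would land outside it is refused and reported instead of written. The archive is constructed in memory with one benign entry and two traversal entries; the scratch directory and function names are assumptions for the demonstration.

```python
import io
import tempfile
import zipfile
from pathlib import Path


def is_safe_entry(root: Path, name: str) -> bool:
    """True only if the entry resolves inside root: rejects absolute paths,
    Windows drive letters and '..' components that escape (the zip-slip pattern)."""
    if name.startswith(("/", "\\")) or ":" in name.split("/")[0]:
        return False
    target = (root / name).resolve()
    return target == root or root in target.parents


def extract_safely(zip_bytes: bytes, dest: Path) -> tuple[list[str], list[str]]:
    """Extract an in-memory zip into dest, skipping entries that escape it.
    Returns (written, rejected) names so the caller can log or alert on rejections."""
    root = Path(dest).resolve()
    root.mkdir(parents=True, exist_ok=True)
    written, rejected = [], []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if not is_safe_entry(root, info.filename):
                rejected.append(info.filename)
                continue
            target = (root / info.filename).resolve()
            if info.is_dir():
                target.mkdir(parents=True, exist_ok=True)
            else:
                target.parent.mkdir(parents=True, exist_ok=True)
                target.write_bytes(zf.read(info))
            written.append(info.filename)
    return written, rejected


def build_sample_zip() -> bytes:
    """Constructed sample archive: one benign entry plus two traversal entries."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("docs/readme.txt", "benign content\n")
        zf.writestr("../../outside.txt", "would land two levels above dest\n")
        zf.writestr("/etc/evil.conf", "absolute path entry\n")
    return buf.getvalue()


def run_demo() -> tuple[list[str], list[str], str]:
    """Extract the sample into a scratch directory and report what was kept/rejected."""
    with tempfile.TemporaryDirectory() as tmp:
        written, rejected = extract_safely(build_sample_zip(), Path(tmp))
        content = (Path(tmp) / "docs" / "readme.txt").read_text()
    return written, rejected, content
```

Calling `run_demo()` keeps only `docs/readme.txt` and reports the two escaping entries; in a real service the rejected list is the signal worth alerting on, since a legitimate upload should never contain such entries.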
CISA has reported CVE-2024-57728
CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitors the most dangerous vulnerabilities and has identified CVE-2024-57728 as being exploited, but it is not known by CISA to be used in ransomware campaigns. This is subject to change quickly, as recent news articles suggest the vulnerability is being used by ransomware groups.
CISA's recommendation is: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
EPSS Score
50% chance of being exploited in the next 30 days.
Timeline
- CISA Reported
- Used in Ransomware
- Exploit known to exist
- First article discovered by CybersecurityNews
- Vulnerability published
- Vulnerability Reserved