logo

A Vulnerability in SimpleHelp Could Allow for Authentication Bypass

ID: 24de7f8b-9205-592f-909a-73a4ad182423

STIX ID: report--24de7f8b-9205-592f-909a-73a4ad182423

Feed Name: CISecurity.org Advisories

Threat Score
75/100

Date Published: 2026-06-16

Date Updated: 2026-06-17

...
...

A vulnerability (CVE-2026-48558) in SimpleHelp's OpenID Connect (OIDC) authentication allows remote, unauthenticated attackers to submit forged tokens with arbitrary claims to create new "Technician" accounts, bypass multi-factor authentication, and gain full access to managed endpoints. The issue requires OIDC to be enabled, a TechnicianGroup associated with the OIDC provider, and "Allow group authenticated logins" enabled—conditions commonly present in deployments, enabling attackers to remote into systems, execute scripts, install programs, and access or delete data.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.