CISA Warns of Critical SimpleHelp Authentication Bypass Vulnerability
ID: 11c324c8-4f6a-5ffe-9f83-44f2d6840696
STIX ID: report--11c324c8-4f6a-5ffe-9f83-44f2d6840696
Feed Name: ThreatCluster
Threat Score
CISA identified a critical authentication bypass in SimpleHelp (CVE-2026-48558) affecting OpenID Connect setups that enables attackers to forge identity tokens, bypass MFA, and obtain unauthorized technician-level remote access; the flaw is actively exploited, has been added to CISA's Known Exploited Vulnerabilities catalog, and organizations are required to remediate under BOD 26-04 by July 2, 2026.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
