Endpoint Vulnerability

Security Vulnerabilities fixed in SimpleHelp Remote Support Server 5.5.8

Description

Privilege escalation, path traversal, and arbitrary file upload allow low-privileged technicians to create over-privileged API keys, unauthenticated attackers to download server secrets, and admins to upload malicious files for code execution in SimpleHelp remote support software v5.5.7 and earlier.

Outbreak Alert

FortiGuard Labs continues to observe ongoing attack attempts targeting SimpleHelp, a Remote Monitoring and Management (RMM) software, due to a critical unauthenticated path traversal vulnerability (CVE-2024-57727) affecting versions 5.5.7 and earlier.

View the full Outbreak Alert Report

Affected Applications

SimpleHelp Remote Support Server

Version Updates

Date	Version	Status	Detail
2025-01-29	1.00812	New	SimpleHelp Remote Support Server

References

https://www.horizon3.ai/attack-research/disclosures/critical-vulnerabilities-in-simplehelp-remote-support-software/

ID	6058
Created	Jan 29, 2025
Description Updated	Feb 13, 2026
CVE ID
Tags	SimpleHelp Ransomware Attack Threat Signal
Risk
Coverage	FortiClient
OS	Windows
Vendor	SimpleHelp
Patch	manual
Application	SimpleHelp Remote Support Server

Protect

Detect

Respond

Recover

Identify

Network Security

Cloud & Application Security

Endpoint Security

Security Operations

Endpoint Vulnerability

Security Vulnerabilities fixed in SimpleHelp Remote Support Server 5.5.8

Description

Outbreak Alert

Affected Applications

Version Updates

References

Research Center

Services

Protect

Detect

Respond

Recover

Identify

Network Security

Cloud & Application Security

Endpoint Security

Security Operations

Threat Intelligence Center

Support Center

Resource Center

About

Endpoint Vulnerability

Security Vulnerabilities fixed in SimpleHelp Remote Support Server 5.5.8

Description

Outbreak Alert

Affected Applications

Version Updates

References

Threat Intelligence
Center