SimpleHelp bug lets hackers create rogue remote support accounts

A critical vulnerability in SimpleHelp remote management software, tracked as CVE-2026-48558, lets unauthenticated attackers create privileged Technician accounts when OIDC authentication is enabled. SimpleHelp has released fixes in versions 5.5.16 and 6.0RC2, and organizations using OIDC should update or restrict access immediately. #SimpleHelp #CVE-2026-48558 #OIDC

Keypoints

  • CVE-2026-48558 affects SimpleHelp versions 5.5.15 and older, plus 6.0 pre-release builds.
  • The flaw enables unauthenticated creation of privileged Technician accounts through OIDC.
  • Because the rogue account is created through the OIDC flow rather than the normal login, the attack also sidesteps MFA on vulnerable servers.
  • Only servers that use OIDC authentication and have specific Technician Group settings enabled are affected; deployments without that combination are not exposed.
  • SimpleHelp fixed the issue in versions 5.5.16 and 6.0RC2 and recommends IP allowlists as an interim mitigation where an update cannot be applied immediately.
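The version ranges above are easy to get wrong in an inventory sweep because the 6.0 line is gated on a release-candidate number rather than a patch level. The following triage helper is an added example written for this summary, not code from SimpleHelp or from the article: it parses SimpleHelp-style version strings, applies the ranges stated above (5.5.15 and older vulnerable, fixed in 5.5.16; 6.0 pre-release builds before 6.0RC2 vulnerable), and then separates hosts that are actually exposed (vulnerable build with OIDC enabled) from those that merely need patching. The host names and inventory entries are constructed, and the handling of a final 6.0 release and of non-RC pre-release tags is an assumption noted in the comments.

```python
import re

# Fixed builds per the advisory summary: 5.5.16 on the 5.5 line, RC2 on the 6.0 line.
FIXED_55 = (5, 5, 16)
FIXED_60_RC = 2

# Accepts MAJOR.MINOR[.PATCH][TAG[N]], e.g. "5.5.15", "6.0RC1", "6.0".
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?(?:([A-Za-z]+)(\d+)?)?$")


def parse_version(s):
    """Return (numeric tuple, lowercase pre-release tag or None, tag number)."""
    m = _VERSION_RE.match(s.strip())
    if not m:
        raise ValueError(f"unrecognised SimpleHelp version string: {s!r}")
    major, minor, patch, tag, tagnum = m.groups()
    nums = (int(major), int(minor), int(patch) if patch is not None else 0)
    tag = tag.lower() if tag else None
    tagnum = int(tagnum) if tagnum is not None else 0
    return nums, tag, tagnum


def is_vulnerable(version):
    """True if the build falls inside the affected ranges for CVE-2026-48558."""
    nums, tag, tagnum = parse_version(version)
    if nums < (6, 0, 0):
        # 5.5.15 and older are affected; 5.5.16 carries the fix.
        return nums < FIXED_55
    if nums == (6, 0, 0):
        if tag is None:
            # Assumption: a final 6.0 release includes the RC2 fix.
            return False
        if tag == "rc":
            return tagnum < FIXED_60_RC
        # Assumption: other 6.0 pre-release tags (alpha, beta) predate RC2.
        return True
    # Assumption: anything newer than 6.0 is not affected.
    return False


# Constructed inventory (hypothetical hosts, not taken from the article).
SAMPLE_INVENTORY = [
    {"host": "support-a.example.internal", "version": "5.5.15", "oidc": True},
    {"host": "support-b.example.internal", "version": "5.5.16", "oidc": True},
    {"host": "support-c.example.internal", "version": "6.0RC1", "oidc": True},
    {"host": "support-d.example.internal", "version": "6.0RC2", "oidc": True},
    {"host": "support-e.example.internal", "version": "5.5.14", "oidc": False},
]


def triage(inventory):
    """Split vulnerable builds into exposed (OIDC on: patch or allowlist now)
    and patch_only (OIDC off: the bug is not reachable, but still update)."""
    exposed, patch_only = [], []
    for entry in inventory:
        if not is_vulnerable(entry["version"]):
            continue
        (exposed if entry["oidc"] else patch_only).append(entry["host"])
    return {"exposed": exposed, "patch_only": patch_only}


if __name__ == "__main__":
    result = triage(SAMPLE_INVENTORY)
    for host in result["exposed"]:
        print(f"EXPOSED  {host}: vulnerable build with OIDC enabled")
    for host in result["patch_only"]:
        print(f"PATCH    {host}: vulnerable build, OIDC disabled")
```

The OIDC flag matters more than the version alone: a 5.5.15 server without OIDC is not reachable by this bug, while a 6.0RC1 server with OIDC enabled is the one to allowlist or take offline first.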

Read More: https://www.bleepingcomputer.com/news/security/simplehelp-bug-lets-hackers-create-rogue-remote-support-accounts/