
Description

SimpleHelp versions 5.5.15 and prior and 6.0 pre-release versions contain an authentication bypass vulnerability in the OIDC authentication flow. When OIDC authentication is configured, identity tokens submitted during login are accepted without verifying their cryptographic signature. In a vulnerable configuration, a remote, unauthenticated attacker can submit a forged token containing arbitrary identity claims to obtain a fully authenticated technician session. In some configurations, this may also allow bypass of multi-factor authentication. No user interaction is required.

Status: PUBLISHED | Reserved: 2026-05-21 | Published: 2026-06-12 | Updated: 2026-06-13 | Assigner: VulnCheck

CRITICAL: 9.5 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

CRITICAL: 10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Problem types

Improper Verification of Cryptographic Signature (CWE-347)

Product status

Default status
affected

5.5.0 (semver) before 5.5.16
affected

6.0 (custom) before 6.0 RC2
affected

Credits

Zach Hanley (@hacks_zach) of Horizon3.ai (finder)

References

horizon3.ai/...-48558-simplehelp-authentication-bypass-iocs/ (technical-description, exploit)

simple-help.com/security/simplehelp-security-update-2026-05 (vendor-advisory)

simple-help.com/release-news (release-notes)

cve.org (CVE-2026-48558)

nvd.nist.gov (CVE-2026-48558)
