# SimpleHelp RMM flaw could give attackers full access to managed endpoints (CVE-2026-48558)

> Source: <https://www.helpnetsecurity.com/2026/06/16/simplehelp-rmm-cve-2026-48558/>
> Published: 2026-06-16 13:33:52+00:00

A critical vulnerability (CVE-2026-48558) in SimpleHelp, a popular remote monitoring and management (RMM) tool, can be exploited remotely by unauthenticated attackers to create a new “Technician” account and use it to remote into managed endpoints, execute scripts, and more. Maliciously “forged” Technician account (Source: Horizon3.ai) The vulnerability CVE-2026-48558 is an authentication bypass flaw affecting SimpleHelp deployments configured to use OpenID Connect (OIDC) authentication. “Even when the SimpleHelp server is configured to enforce MFA for technicians, … [More ](https://www.helpnetsecurity.com/2026/06/16/simplehelp-rmm-cve-2026-48558/)

The post [SimpleHelp RMM flaw could give attackers full access to managed endpoints (CVE-2026-48558)](https://www.helpnetsecurity.com/2026/06/16/simplehelp-rmm-cve-2026-48558/) appeared first on [Help Net Security](https://www.helpnetsecurity.com).