ctipilot.ch

SimpleHelp RMM — missing authorisation privilege escalation (CVSS 9.9, ITW DragonForce/Medusa, KEV deadline 2026-05-08)

cve · CVE-2024-57726

Coverage timeline
2
first 2026-05-07 → last 2026-05-10
Briefs
2
2 distinct
Sources cited
10
7 hosts
Sections touched
2
active_vulns, weekly_summary
Co-occurring entities
0
no co-occurrence

Story timeline

  1. 2026-05-10CTI Weekly Summary — 2026-W19 (May 04 – May 10, 2026)
    weekly_summaryConsolidated in weekly summary for week 2026-W19
  2. 2026-05-07CTI Daily Brief — 2026-05-07
    active_vulnsFirst coverage. Low-privileged user escalates to server admin; chained with CVE-2024-57728 by DragonForce and Medusa ransomware targeting MSPs; CISA KEV deadline 2026-05-08 (overdue).

Where this entity is cited

  • active_vulns1
  • weekly_summary1

Source distribution

  • nvd.nist.gov3 (30%)
  • horizon3.ai2 (20%)
  • cloud.google.com1 (10%)
  • helpnetsecurity.com1 (10%)
  • securityboulevard.com1 (10%)
  • simple-help.com1 (10%)
  • windowsforum.com1 (10%)

External references

NVD · cve.org · CISA KEV

All cited sources (10)

Items in briefs about SimpleHelp RMM — missing authorisation privilege escalation (CVSS 9.9, ITW DragonForce/Medusa, KEV deadline 2026-05-08)

No parsed item heading or body matches this entity yet. Items match by exact CVE id (for CVE entities), by lead-segment substring of the title in the item heading or body, or by a distinctive anchor token from the title appearing in the item heading. Coverage that lives inside a broader section (no per-item heading) is captured by the Story timeline above.