SIMPLEHELP BUG LETS ATTACKERS CREATE ADMIN ACCOUNTS

A vulnerability in SimpleHelp remote management software allows unauthenticated attackers to create privileged technician accounts on vulnerable servers. The flaw exploits the OpenID Connect (OIDC) authentication protocol.