SimpleHelp Security Vulnerability

We are pleased to share that our SimpleHelp incident investigation is now complete. Most importantly, the forensic analysis found no evidence of compromise to any records (including unauthorized access, data staging or theft) within the Intelerad environment, and the incident is fully contained. While this investigation is now closed and we do not anticipate further updates, our security team is available to answer any specific questions your security team may still have. Please don’t hesitate to reach out.

As of February 4, the investigation, which is being conducted with the assistance of outside forensics experts, is beginning to reach its conclusion. Our investigation to date has identified no evidence of data access or exfiltration within the Intelerad corporate network, and our third-party experts have confirmed that the incident is contained. While we do not anticipate any substantive updates before the close of the investigation, we are continuing to support individual clients who have specific questions or concerns. Once our investigation has reached a close, we will provide a final update. If you have further questions, please reach out to our support team.

We have deployed additional security monitoring of our client’s InteleShare environments. If we detect any activity in your environment related to the SimpleHelp vulnerability that we believe is a potential indicator of compromise, we will contact you immediately.

If your team detects a compromise, please notify Intelerad Support immediately through the Intelerad Service Portal.
Additionally, we will not be using SimpleHelp in conjunction with any of our Intelerad products going forward.

Please view these articles for additional information:
SimpleHelp Security Vulnerability - Config File Verification - https://serviceportal.intelerad.com/csm?id=kb_article_view&sysparm_article=KB0032228

SimpleHelp Security Vulnerability IOC & FAQ- https://serviceportal.intelerad.com/csm?id=kb_article_view&sysparm_article=KB0032213

Please note we have updated the list of Indicators of Compromise (IOC). Should you notice any IOC present on your systems our recommendation is to consult with your Security Team immediately regarding device isolation. You can also open a case in the Intelerad Service Portal and we're happy to support you as best we can.

Link to IOCs: https://serviceportal.intelerad.com/csm?id=kb_article_view&sysparm_article=KB0032213

The Intelerad team is continuing to analyze the situation. Please make sure you are monitoring for the Indicators of Compromise (IOCs) already provided. Please note we have updated the list and removed a false positive from the list (vmtoolsd.exe). Should you notice any IOCs present on your systems our recommendation is to consult with your Security Team immediately regarding device isolation. You can also open a case in the Intelerad Service Portal and we're happy to support you as best we can.

Link to IOCs: https://serviceportal.intelerad.com/csm?id=kb_article_view&sysparm_article=KB0032213

We are continuing to investigate this issue.

We are continuing to investigate this issue.

We are continuing to investigate this issue.

We would like to inform you of a recently discovered security vulnerability in SimpleHelp (version 5.5.7 and earlier), a remote support and desktop management software used to support many InteleShare clients.

More information about the vulnerability can be found here: https://simple-help.com/kb---security-vulnerabilities-01-2025#security-vulnerabilities-in-simplehelp-5-5-7-and-earlier

We highly recommend that you share the information posted in the following knowledge article with your security team.
https://serviceportal.intelerad.com/csm?id=kb_article_view&sysparm_article=KB0032213