📄 CISA Flags Four Vulnerabilities in Samsung, SimpleHelp, and D-Link Products ...

📄 CISA Flags Four Vulnerabilities in Samsung, SimpleHelp, and D-Link Products U.S. CISA added four vulnerabilities to its Known Exploited Vulnerabilities catalog: CVE-2024-7399 in Samsung MagicINFO 9 Server, CVE-2024-57726 and CVE-2024-57728 in SimpleHelp, and CVE-2025-29635 in D-Link DIR-823X routers. Arctic Wolf researchers observed threat actors exploiting the Samsung flaw days after proof-of-concept code was publicly released, while Akamai reported Mirai botnet activity targeting the D-Link vulnerability. Federal agencies must remediate by May 8, 2026, under BOD 22-01. The SimpleHelp authorization bypass (CVSS 9.9) allows privilege escalation to full admin access, while the path traversal flaw enables remote code execution through malicious ZIP uploads. 🛰️ Open sources - closed narratives @sitreports