CVE-2025-2775

Published May 7, 2025

Last updated 2 months ago

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-2775 is an unauthenticated XML External Entity (XXE) vulnerability found in SysAid On-Prem versions 23.3.40 and earlier. This vulnerability exists in the Checkin processing functionality. It could allow an attacker to interfere with the application's parsing of XML input. Successful exploitation of CVE-2025-2775 can lead to administrator account takeover and the ability to read files. This vulnerability, along with CVE-2025-2776 and CVE-2025-2777, can be exploited by sending specially crafted HTTP POST requests to specific endpoints. These vulnerabilities were patched in SysAid On-Prem version 24.4.60 b16.

Description
SysAid On-Prem versions <= 23.3.40 are vulnerable to an unauthenticated XML External Entity (XXE) vulnerability in the Checkin processing functionality, allowing for administrator account takeover and file read primitives.
Source
disclosure@vulncheck.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
9.3
Impact score
4.7
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L
Severity
CRITICAL

Weaknesses

disclosure@vulncheck.com
CWE-611

Social media

Hype score
Not currently trending
  1. Actively exploited CVE : CVE-2025-2775

    @transilienceai

    8 May 2025

    27 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

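  2. [Link roundup: security-related news/articles for May 7-8] <Vulnerabilities> ・Microsoft announces that the April update caused authentication problems on Windows Server https://t.co/u0O5Pz35EM ・SysAid, the on-premises version's four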

    @MachinaRecord

    8 May 2025

    49 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. CVE-2025-2775: PoC Released for SysAid On-Premises Pre-Auth RCE Vulnerability https://t.co/NXeDt47laH

    @Dinosn

    8 May 2025

    3245 Impressions

    5 Retweets

    24 Likes

    6 Bookmarks

    0 Replies

    1 Quote

  4. Research reveals a pre-authenticated RCE chain in SysAid On-Premise (CVE-2025-2775), highlighting ongoing email struggles and security vulnerabilities in essential ITSM solutions, further exposing sensitive information to ransomware threats. #CyberSecurity https://t.co/RA4acrOek7

    @Cyber_O51NT

    8 May 2025

    297 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  5. [CVE-2025-2775: CRITICAL] SysAid On-Prem <= 23.3.40 has an unauthenticated XXE vulnerability in Checkin, risking admin takeover. Urgent action needed for cyber security.#cve,CVE-2025-2775,#cybersecurity https://t.co/Ut6PYKBPv8 https://t.co/jP0WGR0HW3

    @CveFindCom

    7 May 2025

    62 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. Critical vulnerabilities found in SysAid on-premise versions (CVE-2025-2775, 2776, 2777) enable remote code execution via XXE injection. Users must update to version 24.4.60 b16 to patch these flaws. ⚠️ #SysAid #SecurityUpdate #Australia https://t.co/7STB0bWtyy

    @TweetThreatNews

    7 May 2025

    82 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  7. We are sharing SysAid instances likely vulnerable to CVE-2025-2775, CVE-2025-2776, CVE-2025-2777 (XXEs) any of which combined with CVE-2025-2778 allows for RCE. 77 IPs found unpatched so far (version check). Install updates from SysAid (from March!) https://t.co/SNVkIeSfF3 h

    @Shadowserver

    7 May 2025

    37 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  8. Four critical vulnerabilities (CVE-2025-2775 to 2778) that allow remote code execution without authentication have been discovered in the on-premises version of SysAid.

    @yousukezan

    7 May 2025

    756 Impressions

    0 Retweets

    3 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. [SysAid fixes four critical vulnerabilities that enable RCE] SysAid has released an update for the on-premise version of its software that eliminates four critical vulnerabilities at once — CVE-2025-2775, CVE-2025-2776, CVE-2025-2777 and CVE-2025-2778. Vulnerabilities allowe

    @NGT_Cybercrime

    7 May 2025

    52 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  10. 📌 SysAid has fixed four critical vulnerabilities in the on-premises version of its IT support software that allow remote code execution without authentication, with elevated privileges. The

    @Cybercachear

    7 May 2025

    42 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes