CVE-2025-2775

SysAid On-Prem versions <= 23.3.40 are vulnerable to an unauthenticated XML External Entity (XXE) vulnerability in the Checkin processing functionality, allowing for administrator account takeover and file read primitives.

CVSS v3 9.3 CRITICAL

9.3^/10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 4.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact LOW

Scope CHANGED

References

Link	Resource
https://documentation.sysaid.com/docs/24-40-60
https://labs.watchtowr.com/sysowned-your-friendly-rce-support-ticket/
https://labs.watchtowr.com/sysowned-your-friendly-rce-support-ticket/

Configurations

No configuration.

History

08 May 2025, 14:39

Type	Values Removed	Values Added
Summary		(es) Las versiones de SysAid On-Prem <= 23.3.40 son vulnerables a una vulnerabilidad de entidad externa XML no autenticada (XXE) en la funcionalidad de procesamiento de check-in, lo que permite la toma de control de cuentas de administrador y primitivas de lectura de archivos.

07 May 2025, 18:15

Type	Values Removed	Values Added
References	~~() https://labs.watchtowr.com/sysowned-your-friendly-rce-support-ticket/ -~~	() https://labs.watchtowr.com/sysowned-your-friendly-rce-support-ticket/ -

07 May 2025, 15:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-05-07 15:15

Updated : 2025-05-08 14:39

NVD link : CVE-2025-2775

Mitre link : CVE-2025-2775

CVE.ORG link : CVE-2025-2775

JSON object : View

Products Affected

No product.

CWE

CWE-611

Improper Restriction of XML External Entity Reference

9.3 /10