SysAid On-Prem versions <= 23.3.40 are vulnerable to an unauthenticated XML External Entity (XXE) vulnerability in the lshw processing functionality, allowing for administrator account takeover and file read primitives.
References
| Link | Resource |
|---|---|
| https://documentation.sysaid.com/docs/24-40-60 | Release Notes |
| https://labs.watchtowr.com/sysowned-your-friendly-rce-support-ticket/ | Exploit Third Party Advisory |
| https://labs.watchtowr.com/sysowned-your-friendly-rce-support-ticket/ | Exploit Third Party Advisory |
Configurations
History
27 Jun 2025, 14:35
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Sysaid
Sysaid sysaid |
|
| References | () https://documentation.sysaid.com/docs/24-40-60 - Release Notes | |
| References | () https://labs.watchtowr.com/sysowned-your-friendly-rce-support-ticket/ - Exploit, Third Party Advisory | |
| CPE | cpe:2.3:a:sysaid:sysaid:*:*:*:*:on-premises:*:*:* |
08 May 2025, 14:39
| Type | Values Removed | Values Added |
|---|---|---|
| Summary |
|
07 May 2025, 18:15
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://labs.watchtowr.com/sysowned-your-friendly-rce-support-ticket/ - |
07 May 2025, 15:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-05-07 15:15
Updated : 2025-06-27 14:35
NVD link : CVE-2025-2777
Mitre link : CVE-2025-2777
CVE.ORG link : CVE-2025-2777
JSON object : View
Products Affected
sysaid
- sysaid
CWE
CWE-611
Improper Restriction of XML External Entity Reference