CVE-2025-2776
Severity: CRITICAL | Listed in CISA KEV | CVSS 9.3
Description
SysAid On-Prem versions <= 23.3.40 are vulnerable to an unauthenticated XML External Entity (XXE) vulnerability in the Server URL processing functionality, allowing for administrator account takeover and file read primitives.
CVE Details
CVSS v3.1 Score: 9.3
Severity: CRITICAL
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L
Attack Vector: NETWORK
Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Published: 5/7/2025
Last Modified: 10/27/2025
Source: kev
Honeypot Sightings: 0
CISA KEV
Vendor: SysAid
Product: SysAid On-Prem
Vulnerability Name: SysAid On-Prem Improper Restriction of XML External Entity Reference Vulnerability
KEV Date Added: 2025-07-22
Remediation Due Date: 2025-08-12
Ransomware Use: Unknown
Affected Products
sysaid:sysaid
Weaknesses (CWE)
CWE-611
References
https://documentation.sysaid.com/docs/24-40-60 (source: disclosure@vulncheck.com)
https://labs.watchtowr.com/sysowned-your-friendly-rce-support-ticket/ (source: disclosure@vulncheck.com)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-2776 (source: 134c704f-9b21-4f2e-91b3-4a467353bcc0)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.