Unauthenticated XML External Entity Vulnerability in SysAid On-Prem Product
CVE-2025-2775
Key Information:
- Vendor: SysAid
- Status: Vendor
- CVE Published: 7 May 2025
What is CVE-2025-2775?
CVE-2025-2775 is a serious vulnerability in SysAid On-Prem, an IT service management and support product. It affects versions up to and including 23.3.40 and allows unauthenticated attackers to abuse the Checkin processing functionality. The risk is significant: exploitation can lead to unauthorized access to administrator accounts and the ability to read sensitive files. Organizations relying on SysAid for IT management could face severe operational disruption, data leaks, and loss of control over critical systems.
Technical Details
CVE-2025-2775 is classified as an unauthenticated XML External Entity (XXE) vulnerability. This class of flaw arises when an application parses XML from an untrusted source with document type definitions (DTDs) and external entity resolution still enabled, so an attacker-supplied document can make the parser reach into system resources it should never touch. In this case the Checkin processing functionality in SysAid is susceptible, which could allow an attacker to execute malicious commands or retrieve sensitive information from the affected system.
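As an added illustration (not SysAid's code), the parser posture that closes off this vulnerability class: DOCTYPE and entity declarations are refused outright and external entity loading is disabled before any untrusted check-in document is parsed. The check-in payload shape below is constructed for the example and is not SysAid's actual format.

```python
import xml.parsers.expat

# Constructed sample check-in payloads; element names are invented for
# illustration and do not reflect SysAid's on-the-wire format.
SAFE_CHECKIN = b"<checkin><agentId>agent-01</agentId><hostname>ws-17</hostname></checkin>"
DOCTYPE_CHECKIN = (
    b'<!DOCTYPE checkin [<!ENTITY ext SYSTEM "file:///placeholder/path">]>'
    b"<checkin><agentId>&ext;</agentId></checkin>"
)


class UnsafeXML(ValueError):
    """Raised when a document carries a DTD or entity declaration."""


def parse_checkin_xml(data: bytes) -> dict:
    """Parse a check-in document with all DTD/entity machinery disabled.

    Any DOCTYPE or entity declaration aborts the parse, and expat is told
    never to fetch external entities, so XXE is removed regardless of
    payload shape rather than by pattern-matching known payloads.
    """
    parser = xml.parsers.expat.ParserCreate()
    parser.buffer_text = True  # deliver each text node as one chunk

    def reject_doctype(name, sysid, pubid, has_internal_subset):
        raise UnsafeXML("DOCTYPE declarations are not accepted: %s" % name)

    def reject_entity(name, *_):
        raise UnsafeXML("entity declarations are not accepted: %s" % name)

    parser.StartDoctypeDeclHandler = reject_doctype
    parser.EntityDeclHandler = reject_entity
    # Returning 0 makes expat abort instead of loading the external resource.
    parser.ExternalEntityRefHandler = lambda *_: 0

    fields, stack = {}, []
    parser.StartElementHandler = lambda tag, attrs: stack.append(tag)
    parser.EndElementHandler = lambda tag: stack.pop()

    def text(chunk):
        if len(stack) > 1 and chunk.strip():  # leaf elements under the root
            fields[stack[-1]] = fields.get(stack[-1], "") + chunk.strip()

    parser.CharacterDataHandler = text
    parser.Parse(data, True)
    return fields


def is_safe_checkin(data: bytes) -> bool:
    """True only if the payload parses without any DTD or entity use."""
    try:
        parse_checkin_xml(data)
        return True
    except (UnsafeXML, xml.parsers.expat.ExpatError):
        return False
```

The rejected DOCTYPE sample above should also be logged at the service boundary: an unauthenticated endpoint receiving DTD-bearing XML is a high-signal indicator worth alerting on.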
Potential Impact of CVE-2025-2775
- Administrator Account Takeover: Attackers can exploit this vulnerability to gain unauthorized access to administrative accounts, compromising control over the entire IT service management system.
- Sensitive Data Exposure: The ability to read files on the system could expose confidential data, including personal information, business-critical documents, and sensitive configurations.
- Operational Disruption: By gaining access to the SysAid system, attackers could disrupt IT services, causing downtime that affects business operations and may result in financial losses and reputational damage.
Affected Version(s)
SysAid On-Prem, all versions up to and including 23.3.40
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate that a vulnerability can be exploited. PoC code is also a key component of weaponization, which can lead to ransomware.
Timeline
- Public PoC available
- Exploit known to exist
- Vulnerability published
- Vulnerability reserved