published date: May 7, 2025

CVE-2025-2776 : XML External Entity (XXE) Injection Vulnerability

SysAid On-Premises [Suspected]

Description

SysAid On-Prem versions <= 23.3.40 contain an unauthenticated XML External Entity (XXE) vulnerability in the Server URL processing functionality, allowing administrator account takeover and file read primitives.
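The vulnerability class above arises when an XML parser resolves external entities declared in a document's DTD. The standard mitigation is to refuse any DOCTYPE declaration before parsing. The block below is an added example written for this page, not SysAid's code and not taken from the vendor's fix; it uses only the Python standard library (expat and ElementTree), and both sample documents, including the placeholder `file:///placeholder` URI, are constructed here for illustration.

```python
# Added example (not SysAid code): reject any DTD before parsing XML.
# Disallowing the DOCTYPE declaration outright is the standard mitigation
# for XXE, since external entities can only be declared inside a DTD.
# Uses only the Python standard library (expat + ElementTree).
import xml.parsers.expat
from xml.etree import ElementTree as ET


class DoctypeDisallowed(ValueError):
    """Raised when an XML document carries a DOCTYPE declaration."""


def parse_xml_no_dtd(data: bytes) -> ET.Element:
    """Parse XML only if it declares no DTD; refuse external entities too."""
    screener = xml.parsers.expat.ParserCreate()

    def on_doctype(name, system_id, public_id, has_internal_subset):
        # Any DOCTYPE (with or without an internal subset) is refused
        # before parsing continues, so no entity is ever declared.
        raise DoctypeDisallowed(f"DOCTYPE '{name}' is not permitted")

    screener.StartDoctypeDeclHandler = on_doctype
    # Belt and braces: should a DTD ever slip through, returning 0 tells
    # expat the external entity could not be resolved, so nothing is fetched.
    screener.ExternalEntityRefHandler = lambda *args: 0
    screener.Parse(data, True)          # raises DoctypeDisallowed on a DTD
    return ET.fromstring(data)          # plain document: build the tree


def accepts(data: bytes) -> bool:
    """True if the document parses under the no-DTD policy, else False."""
    try:
        parse_xml_no_dtd(data)
        return True
    except (DoctypeDisallowed, xml.parsers.expat.ExpatError, ET.ParseError):
        return False


# Constructed sample inputs (not captured from any real system).
SAFE_DOC = b"<serverUrl><host>example.invalid</host></serverUrl>"
# Placeholder URI; the screener refuses the document at the DOCTYPE itself,
# so the entity declaration is never acted on.
DTD_DOC = (b'<!DOCTYPE serverUrl [<!ENTITY ext SYSTEM "file:///placeholder">]>'
           b"<serverUrl>&ext;</serverUrl>")

if __name__ == "__main__":
    print("safe document accepted:", accepts(SAFE_DOC))   # True
    print("DTD document accepted:", accepts(DTD_DOC))     # False
```

The same policy exists in other parsers (for example Java's `disallow-doctype-decl` feature on the DocumentBuilderFactory); rejecting the DTD wholesale is preferable to trying to filter individual entity declarations, because it also closes off entity-expansion denial of service.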

Product(s):

  • sysaid sysaid_on-premises *

Questions to Ask Vendors:

  1. Have you updated your SysAid On-Premises to version 24.4.60 b16 or later to mitigate the risk of CVE-2025-2775, CVE-2025-2776, and CVE-2025-2777?
  2. Can you confirm that all external access points to SysAid endpoints (/mdm/checkin, /mdm/serverurl, /lshw) have been secured or restricted from unauthorized external connections?
  3. Are you actively monitoring SysAid server logs for signs of suspicious or malicious requests targeting these endpoints?
  4. Have you reviewed and updated your incident response procedures to ensure rapid identification and remediation capabilities for XXE-based vulnerabilities?