SysAid Patches 4 Critical Flaws Enabling Pre-Auth RCE in On-Premise Version

By: The Hacker News Posted On: May 07, 2025 View: 1

Cybersecurity researchers have disclosed multiple security flaw in the on-premise version of SysAid IT support software that could be exploited to achieve pre-authenticated remote code execution with elevated privileges. The vulnerabilities, tracked as CVE-2025-2775, CVE-2025-2776, and CVE-2025-2777, have all been described as XML External Entity (XXE) injections, which occur when an attacker is

Read this on The Hacker News

Latest News

Contact Us

[email protected]

About

Headlines Portal is your source for all news globally.

Latest News

Popular News

Featured News