CVE-2025-2776: SysAid On-Prem <= 23.3.40 serverurl Processing XML External Entity Injection

9.3 CVSS

Description

SysAid On-Prem versions <= 23.3.40 are vulnerable to an unauthenticated XML External Entity (XXE) vulnerability in the Server URL processing functionality, allowing for administrator account takeover and file read primitives.

Classification

CVE ID: CVE-2025-2776

CVSS Base Severity: CRITICAL

CVSS Base Score: 9.3

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L

Problem Types

CWE-611 Improper Restriction of XML External Entity Reference

Affected Products

Vendor: SysAid

Product: SysAid On-Prem

Nuclei Template

http/cves/2025/CVE-2025-2776.yaml

Exploit Prediction Scoring System (EPSS)

EPSS Score: 13.47% (estimated probability of exploitation in the wild)

EPSS Percentile: 93.82% (share of all scored vulnerabilities with a score less than or equal to this one)

EPSS Date: 2025-06-05 (date this score was calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-2776
https://documentation.sysaid.com/docs/24-40-60
https://labs.watchtowr.com/sysowned-your-friendly-rce-support-ticket/

Timeline