CVE-2025-2775HIGH 7.5CISA KEVEPSS p98.9%

CVE-2025-2775SysAid On-Prem Improper Restriction of XML External Entity Reference Vulnerability

SysAid / SysAid On-Prem

Description

SysAid On-Prem contains an improper restriction of XML external entity reference vulnerability in the Checkin processing functionality, allowing for administrator account takeover and file read primitives.

Scoring

CVSS 3.17.5 (HIGH)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS55.18% probability of exploitation · percentile 98.9% · 2026-06-17T12:03:21Z
Published2025-05-07
Last modified2025-10-27

CISA KEV entry

Added to KEV: 2025-07-22

Underlying weaknesses· 1

CWE-611

References

  1. https://documentation.sysaid.com/docs/24-40-60
  2. https://labs.watchtowr.com/sysowned-your-friendly-rce-support-ticket/
  3. https://labs.watchtowr.com/sysowned-your-friendly-rce-support-ticket/
  4. https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-2775

1

TypeTargetConfidenceTier
WeaknessImproper Restriction of XML External Entity Referencecwe-6110%live

(incoming)1

TypeTargetConfidenceTier
KEVEntrySysAid On-Prem Improper Restriction of XML External Entity Reference Vulnerabilitykev-cve-2025-27750%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-2777
CVE
CVE-2026-8045
CVE
SysAid Server Path Traversal Vulnerability
CVE
CVE-2025-22478
CVE
CVE-2025-7766
CVE
CVE-2025-10713
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.