2 matches found
CISA Warns: SysAid Flaws Under Active Attack Enable Remote File Access and SSRF
The U.S. Cybersecurity and Infrastructure Security Agency CISA added two security flaws impacting SysAid IT support software to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The vulnerabilities in question are listed below - CVE-2025-2775 CVSS score: 9...
SysAid Patches 4 Critical Flaws Enabling Pre-Auth RCE in On-Premise Version
Cybersecurity researchers have disclosed multiple security flaws in the on-premise version of SysAid IT support software that could be exploited to achieve pre-authenticated remote code execution with elevated privileges. The vulnerabilities, tracked as CVE-2025-2775, CVE-2025-2776, and...