SysAid On-Prem <=23.3.40 XXE in Checkin allows admin takeover
CVE-2025-2775 Published on May 7, 2025

SysAid On-Prem <= 23.3.40 Checkin Proceessing XML External Entity Injection
SysAid On-Prem versions <= 23.3.40 are vulnerable to an unauthenticated XML External Entity (XXE) vulnerability in the Checkin processing functionality, allowing for administrator account takeover and file read primitives.

Vendor Advisory NVD

Known Exploited Vulnerability

This SysAid On-Prem Improper Restriction of XML External Entity Reference Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. SysAid On-Prem contains an improper restriction of XML external entity reference vulnerability in the Checkin processing functionality, allowing for administrator account takeover and file read primitives.

The following remediation steps are recommended / required by August 12, 2025: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Vulnerability Analysis

CVE-2025-2775 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. This vulnerability is known to be actively exploited by threat actors in an automatable fashion. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity, and a small impact on availability.

Attack Vector:
NETWORK
Attack Complexity:
LOW
Privileges Required:
NONE
User Interaction:
NONE
Scope:
CHANGED
Confidentiality Impact:
HIGH
Integrity Impact:
NONE
Availability Impact:
LOW

Weakness Type

What is a XXE Vulnerability?

The software processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.

CVE-2025-2775 has been classified to as a XXE vulnerability or weakness.


Products Associated with CVE-2025-2775

stack.watch emails you whenever new vulnerabilities are published in Sysaid or Sysaid On Premises. Just hit a watch button to start following.

Sysaid
 
Sysaid On Premises
 

Affected Versions

SysAid On-Prem:

Exploit Probability

EPSS
69.79%
Percentile
98.66%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.