SysAid Product Security Update Advisory
Overview
We have released a security update to address vulnerabilities in our SysAid product. Users of affected products are advised to update to the latest version.
Affected Products
CVE-2025-2775, CVE-2025-2776
SysAid On-Prem Version: 23.3.40 and earlier
Resolved Vulnerabilities
Unauthenticated XXE vulnerability in the Checkin handling function in SysAid On-Prem (CVE-2025-2775)
Unauthenticated XXE vulnerability in the Server URL handling function in SysAid On-Prem (CVE-2025-2776)
Vulnerability Patches
Patches for these vulnerabilities are available in the latest update. Follow the instructions on the referenced site to update to the patched version.
CVE-2025-2775, CVE-2025-2776
SysAid On-Prem Version: 24.4.60 b16
References
[1] 24.4.60 b16
https://documentation.sysaid.com/docs/24-40-60