THREAT OPS › CVEs › CVE-2025-2775
CVE-2025-2775 — SysAid On-Prem Improper Restriction of XML External Entity Reference Vulnerability
SysAid On-Prem contains an improper restriction of XML external entity reference vulnerability in the Checkin processing functionality, allowing for administrator account takeover and file read primitives.
Vulnerability details
- Affected productsSysAid On-Prem
- KEV remediation due2025-08-12