[CIVN-2025-0239] XML External Entity (XXE) vulnerability in SysAid On Prem

Published On: October 7, 2025

XML External Entity (XXE) vulnerability in SysAid On Prem 
Indian Computer Emergency Response Team (https://www.cert-in.org.in)
Severity Rating: CRITICAL
Software Affected
SysAid On-Prem version 23.3.40 and prior
Overview
A vulnerability has been reported in SysAid On Prem which could allow a remote attacker to access sensitive files and potentially compromise administrator accounts.
Target Audience:
Individuals and end-user organisations using affected SysAid On-Prem.
Risk Assessment:
High risk of sensitive data disclosure and of an attacker taking full control of the affected system.
Impact Assessment:
Potential for system compromise and service disruptions.
Description
SysAid is an IT Service Management (ITSM) platform that uses generative AI to help organizations streamline IT help desk operations and manage service delivery.
This vulnerability exists in SysAid On Prem due to improper restriction of XML External Entity (XXE) references during XML parsing.
Successful exploitation of this vulnerability could allow a remote attacker to read files and gain administrative privileges on the affected SysAid On-Prem instance.
Note: This vulnerability (CVE-2025-2776) is being exploited in the wild. Users are advised to apply patches urgently.
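The weakness described above is that the XML parser honours DOCTYPE/entity declarations supplied by a remote client. As an added illustration (not SysAid's code, nor the vendor's fix), the following Python uses the standard-library expat parser to reject any untrusted document that declares a DTD before it is parsed, and to flag such requests for logging. The request bodies are constructed samples.

```python
"""Hardened XML intake that refuses DTDs, the precondition for XXE (added example)."""
import xml.parsers.expat
from xml.etree import ElementTree as ET


class DoctypeRejected(ValueError):
    """Raised when untrusted XML carries a DOCTYPE (where XXE entities are declared)."""


def assert_no_doctype(xml_bytes: bytes) -> None:
    """Parse once with expat and abort at the first DOCTYPE declaration.

    No ExternalEntityRefHandler is installed, so expat never fetches external
    entities itself, and parameter-entity expansion is disabled outright.
    """
    parser = xml.parsers.expat.ParserCreate()
    parser.SetParamEntityParsing(xml.parsers.expat.XML_PARAM_ENTITY_PARSING_NEVER)

    def on_doctype(name, sysid, pubid, has_internal_subset):
        # Catches both inline subsets ([ <!ENTITY ...> ]) and external SYSTEM DTDs.
        raise DoctypeRejected(f"DOCTYPE '{name}' is not accepted from untrusted input")

    parser.StartDoctypeDeclHandler = on_doctype
    parser.Parse(xml_bytes, True)


def parse_untrusted(xml_bytes: bytes) -> ET.Element:
    """Safe entry point: guard first, then build the tree with ElementTree."""
    assert_no_doctype(xml_bytes)
    return ET.fromstring(xml_bytes)


def is_xxe_attempt(xml_bytes: bytes) -> bool:
    """Detection helper for request logging: True if the body declares a DTD."""
    try:
        assert_no_doctype(xml_bytes)
    except DoctypeRejected:
        return True
    except xml.parsers.expat.ExpatError:
        return False  # malformed XML, but not a DTD-based attempt
    return False


# Constructed sample bodies (not captured traffic).
SAFE_REQUEST = b"<ticket><title>Printer offline</title></ticket>"
XXE_REQUEST = (
    b'<?xml version="1.0"?>\n'
    b'<!DOCTYPE ticket [ <!ENTITY ext SYSTEM "file:///placeholder/path"> ]>\n'
    b"<ticket><title>&ext;</title></ticket>"
)
```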
Solution
Apply appropriate updates as released by the vendor:
https://documentation.sysaid.com/docs/24-40-60
Vendor Information
SysAid
https://documentation.sysaid.com/docs/24-40-60
References
SysAid
https://documentation.sysaid.com/docs/24-40-60
CVE Name
CVE-2025-2776
Thanks and Regards,
CERT-In
Incident Response Help Desk
e-mail: incident@cert-in.org.in
Phone: +91-11-22902657
Toll Free Number: 1800-11-4949
Toll Free Fax : 1800-11-6969
Web: http://www.cert-in.org.in
PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4
PGP Key information:
https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS
Postal address:
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003
