Security News > 2025 > May > PoC exploit for SysAid pre-auth RCE released, upgrade quickly!

PoC exploit for SysAid pre-auth RCE released, upgrade quickly!
2025-05-07 12:20

WatchTowr researchers have released a proof-of-concept (PoC) exploit that chains two vulnerabilities in SysAid On-Prem – the self-hosted version of the platform behind SysAid’s popular IT service management and IT helpdesk solutions – to achieve unauthenticated remote code execution on the underlying server. The vulnerabilities have been patched in SysAid On-Prem v24.4.60, released in early March 2025, but it’s likely that many enterprises have not upgraded yet. Creating the PoC “In an on-premise deployment, SysAid … More → The post PoC exploit for SysAid pre-auth RCE released, upgrade quickly! appeared first on Help Net Security.


News URL

https://www.helpnetsecurity.com/2025/05/07/poc-exploit-for-sysaid-pre-auth-rce-released-upgrade-quickly/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Sysaid 8 0 15 5 7 27