Overview
- SysAid
- SysAid On-Prem
Description
Statistics
- 1 Post
- 2 Interactions
Fediverse
Critical vulnerabilities discovered in SysAid's on-premise IT support software
💥 Vulnerability: XML External Entity (XXE) injections that can lead to RCE
⚠️ Impact: Retrieval of sensitive files, full admin access, and arbitrary code execution, risking data breaches and system compromises.
🔍 CVEs: CVE-2025-2775, CVE-2025-2776, CVE-2025-2777, CVE-2025-2778
🔧 Remediation: Update to SysAid version 24.4.60 b16
#cybersecurity #SysAid #vulnerabilitymanagement
https://thehackernews.com/2025/05/sysaid-patches-4-critical-flaws.html
Overview
- Microsoft
- Microsoft Power Apps
Description
Statistics
- 1 Post
- 3 Interactions
Fediverse
Microsoft published six sev:CRIT vulns in cloud services. No public exploits, no exploitation indicated.
This vulnerability has already been fully mitigated by Microsoft. There is no action for users of this service to take. The purpose of this CVE is to provide further transparency.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33072
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29972
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29827
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29813
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47733
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47732
Overview
- Microsoft
- Microsoft msagsfeedback.azurewebsites.net
Description
Statistics
- 1 Post
- 3 Interactions
Fediverse
Microsoft published six sev:CRIT vulns in cloud services. No public exploits, no exploitation indicated.
This vulnerability has already been fully mitigated by Microsoft. There is no action for users of this service to take. The purpose of this CVE is to provide further transparency.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33072
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29972
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29827
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29813
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47733
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47732
Overview
- Microsoft
- Azure Storage Resource Provider (SRP)
Description
Statistics
- 1 Post
- 3 Interactions
Fediverse
Microsoft published six sev:CRIT vulns in cloud services. No public exploits, no exploitation indicated.
This vulnerability has already been fully mitigated by Microsoft. There is no action for users of this service to take. The purpose of this CVE is to provide further transparency.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33072
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29972
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29827
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29813
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47733
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47732
Overview
- Microsoft
- Azure Automation
Description
Statistics
- 1 Post
- 3 Interactions
Fediverse
Microsoft published six sev:CRIT vulns in cloud services. No public exploits, no exploitation indicated.
This vulnerability has already been fully mitigated by Microsoft. There is no action for users of this service to take. The purpose of this CVE is to provide further transparency.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33072
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29972
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29827
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29813
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47733
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47732
Overview
- Microsoft
- Microsoft Dataverse
Description
Statistics
- 1 Post
- 3 Interactions
Fediverse
Microsoft published six sev:CRIT vulns in cloud services. No public exploits, no exploitation indicated.
This vulnerability has already been fully mitigated by Microsoft. There is no action for users of this service to take. The purpose of this CVE is to provide further transparency.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33072
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29972
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29827
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29813
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47733
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47732
Overview
- Microsoft
- Azure DevOps
Description
Statistics
- 1 Post
- 3 Interactions
Fediverse
Microsoft published six sev:CRIT vulns in cloud services. No public exploits, no exploitation indicated.
This vulnerability has already been fully mitigated by Microsoft. There is no action for users of this service to take. The purpose of this CVE is to provide further transparency.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33072
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29972
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29827
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29813
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47733
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47732