Netvora logo
Submit Startup Subscribe
Home About Contact Submit Startup Subscribe

Tens of Thousands of Help Desk Software Installations Vulnerable to Attacks

Comment

Tens of Thousands of Help Desk Software Installations Vulnerable to Attacks

Netvora May 8, 2025 at 12:10 PM Security
Tens of Thousands of Help Desk Software Installations Vulnerable to Attacks

Tens of Thousands of Help Desk Software Installations Vulnerable to Attacks

By Netvora Tech News

Tens of thousands of installations of help desk software called SysAid are vulnerable to attacks, allowing attackers to steal sensitive information and launch further attacks. This is according to a report by The Shadowserver Foundation, based on an online scan.

Vulnerabilities Exploited in the Past

The software, which offers various help desk functionalities for organizations, has been plagued by vulnerabilities in the past. Just over a year ago, a flaw in SysAid was used to spread the Clop ransomware. Security researchers at watchTowr discovered multiple vulnerabilities in the software, allowing an attacker to obtain the plaintext admin password and execute XML External Entity Injection attacks. This would enable an attacker to ultimately take control of the underlying system.

Update Released, Details Published

SysAid released an update on March 3rd to address the issues. Yesterday, watchTowr published details of the discovered vulnerabilities. In response, The Shadowserver Foundation conducted an online scan, which found 77 vulnerable installations, including two in the Netherlands.

Impact and Consequences

The discovery of these vulnerabilities is a significant concern for organizations using SysAid, as it highlights the importance of keeping software up to date and secure. The Shadowserver Foundation, which focuses on combating cybercrime, regularly researches vulnerable systems that can be found online. The organization's findings serve as a reminder of the need for vigilance in the face of ever-evolving cyber threats.

  • SysAid offers various help desk functionalities, including a ticket system, automatic password reset for employees, remote control for systems, and IT Asset Management.
  • The vulnerabilities discovered in the software allow attackers to steal sensitive information and execute further attacks.
  • The Shadowserver Foundation found 77 vulnerable installations, including two in the Netherlands, during its online scan.

Comments (0)

Leave a comment

Back to homepage

You might also like