SysAid Path Traversal [CVE-2023-47246]

Ingrid

SysAid on-premises software has a path traversal vulnerability [CVE-2023-47246] that can lead to remote code execution (RCE). It allows attackers to bypass credentials. As an IT ticket management system, it can contain crucial information about internal architecture and practices.

What To Do

- Use Vulnerability Detection to search for Confirmed Exposure to CVE-2023-47246.
- Use Bitsight for 4th party risk to search for SysAid as a product and a service provider.
- Conduct analysis to look for evidence of compromise and then patch immediately. Upgrade instructions are provided in the SysAid documentation.

Resources

- NVD, “CVE-2023-47246 Detail”
- SysAid Blog, “SysAid On-Prem Software CVE-2023-47246 Vulnerability”
- SysAid, “SysAid Upgrade Guide”

November 16, 2023: Published.