Fortra’s Alert Logic is researching a new vulnerability in SysAid On-Prem Software (CVE-2023-47246). This path traversal vulnerability allows unauthorized file uploads into the webroot directory of the SysAid tomcat web service. These uploads are being used in the wild by malicious actors to deploy webshells within the environment.
Who is affected?
All customers with SysAid on-prem server installations are affected.
What can I do?
Customers are urged to update their SysAid systems to version 23.3.36, which remediates the identified vulnerability.
For more information about this vulnerability and mitigation, refer to SysAid’s blog.
How is Alert Logic helping me?
Alert Logic is actively researching this threat to build detection capabilities.
Alert Logic has kicked off the Emerging Threat process for this vulnerability. This article will be updated with new information about this vulnerability and related Alert Logic coverage as it becomes available. To follow updates for this vulnerability, click FOLLOW at the top of this article. You must be signed into the Support Center using your Alert Logic product credentials to follow this article.