NewsSecurity Vulnerabilities

SysAid Releases Security Advisory for Actively Exploited Zero Day Vulnerability (CVE-2023-47246)

CVE number – CVE-2023-47246

This path traversal vulnerability could allow an attacker to perform code execution within the SysAid on-prem software.

This vulnerability is known to be exploited in the wild. The threat actor group DEV-0950 (Lace Tempest), have also been observed exploiting this vulnerability.

Update SysAid on-prem server installations to ensure that your SysAid systems are updated to version 23.3.36, which remediates the identified vulnerability.

For further information please visit –

Jason Davies

I am one of the editors here at I am a UK based technology professional, with an interest in computer security and telecoms.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.