🗓️ Join us & Jay Jacobs (EPSS Lead Data Scientist) for a very special runZero Hour. Register Now!

Start Free Book Demo

Platform
- Overview
  Complete security visibility across IT, OT, IoT, cloud, mobile, and remote assets.
  
  Total Attack Surface Visibility
  
  Full-Spectrum Exposure Detection
  
  Risk Prioritization & Insights
  
  Compliance, Reporting, & KPIs
  
  Fast Deployment & Scalability
- Regulatory Compliance
  Ensure compliance and stay resilient against evolving cyber threats.
  
  DORA
  
  NIST CSF & 800-171
  
  NIS2
  
  NYDFS
  
  PCI DSS
- Integrations
  runZero seamlessly integrates with a wide variety of tools, enhancing network visibility, enriching asset data, and uncovering control gaps.
- Community Edition
  Our completely free version of the runZero Platform is ideal for home use and environments with fewer than 100 assets.
Welcome to the New Era of Exposure Management

We've got big news. Check out our launch video to see how we're fixing what’s broken with vulnerability management & overcoming persistent problems. Dive in to see how we're doing it & discover the new features we just launched to help you uncover the risks that matter most — even the most elusive ones!

Watch Now
Resources
- Resource Center
  Dive into a treasure trove of resources to expand your exposure management knowledge.
  
  Reports
  
  Webcasts
  
  Solution Briefs
  
  Product Videos
- runZero Research
  Explore the world of exposure management through the runZero lens.
  
  Research Blogs
  
  Rapid Responses
  
  runZero Hour
- runZero Blog
  See what's happening at runZero and read up on the latest ideas, opinions, and articles from our experts and researchers.
  
  The New Era of Exposure Management
  
  Read About Our New Product Release
- Support Resources
  Everything you need to maximize your experience with the runZero Platform.
  
  Documentation
  
  REST API
  
  Open Source
  
  Changelog
Divining Risk: Deciphering Signals From Vulnerability Scores

Vulnerability scores promise clarity, but too often just add to the noise. In this report, we analyze signals from over 270,000 CVEs to reveal what CVSS, EPSS, and SSVC actually tell us — and what they don’t. Discover what these systems get right, where they fall short, and how to turn that insight into smarter prioritization.

Read the Report
Pricing
Customers
- Our Customers
  Our customers are everything. We're super proud to be trusted by leading organizations around the globe to help them improve their security.
- Case Studies
  See how runZero has empowered security teams to take control of their networks, uncover their unknowns, and save significant time and money.
- Testimonials
  Read reviews of the runZero Platform and see how teams have improved their security with our technology.
New Report Published by the U.S. Department of Energy

CECA evaluations confirm runZero's active scanning enhances ICS visibility without performance impact on SCADA.

Read the Report
Partners
- Infinity Partner Program
  See how we can work together to provide best-in-class security solutions and outcomes for our joint customers.
- Partner Directory
  Explore our directory of trusted (and awesome) partners.
- Partner Sign In
  Sign in to our Infinity Partner Portal.
Join our Infinity Partner Program

Designed with a partner-first mindset, the runZero Infinity Partner Program offers incredibly valuable resources, relationships, and rewards to partners who choose to grow their business with us.

Become a runZero Partner
About
- About Us
  Wondering who the heck are these people? Meet the team and get the story behind runZero... once upon a time called Rumble.
- Events
  Track down runZero Yetis in the wild! Join us in-person or virtually at one of our upcoming events.
  
  runZero Hour
- Investors
  Meet the cybersecurity investors, trailblazers, and innovators who help us navigate our journey and the evolving security landscape.
- Newsroom
  Read the latest articles, announcements, and press releases from runZero.
- Careers
  Want to join our forces? We're looking for bright minds and passionate souls who want to write the next chapter in exposure management.
Unpacking vulnerability scoring systems with EPSS expert Jay Jacobs

Tune in for the next runZero Hour as vulnerability scoring expert Jay Jacobs joins us for a spicy debate about what CVSS, EPSS, and SSVC really tell us — and what they don’t. We’ll also share highlights from new research on scoring systems, common misconceptions, and how to prioritize risk with context, not just scores.

Register Now

🗓️ Join us & Jay Jacobs (EPSS Lead Data Scientist) for a very special runZero Hour. Register Now!

Overview
Complete security visibility across IT, OT, IoT, cloud, mobile, and remote assets.
Regulatory Compliance
Ensure compliance and stay resilient against evolving cyber threats.
- DORA
- NIST CSF & 800-171
- NIS2
- NYDFS
- PCI DSS
Integrations
runZero seamlessly integrates with a wide variety of tools, enhancing network visibility, enriching asset data, and uncovering control gaps.
Community Edition
Our completely free version of the runZero Platform is ideal for home use and environments with fewer than 100 assets.

Welcome to the New Era of Exposure Management

We've got big news. Check out our launch video to see how we're fixing what’s broken with vulnerability management & overcoming persistent problems. Dive in to see how we're doing it & discover the new features we just launched to help you uncover the risks that matter most — even the most elusive ones!

Watch Now

Resource Center
Dive into a treasure trove of resources to expand your exposure management knowledge.
runZero Research
Explore the world of exposure management through the runZero lens.
runZero Blog
See what's happening at runZero and read up on the latest ideas, opinions, and articles from our experts and researchers.
- The New Era of Exposure Management
- Read About Our New Product Release
Support Resources
Everything you need to maximize your experience with the runZero Platform.

Divining Risk: Deciphering Signals From Vulnerability Scores

Vulnerability scores promise clarity, but too often just add to the noise. In this report, we analyze signals from over 270,000 CVEs to reveal what CVSS, EPSS, and SSVC actually tell us — and what they don’t. Discover what these systems get right, where they fall short, and how to turn that insight into smarter prioritization.

Read the Report

Our Customers
Our customers are everything. We're super proud to be trusted by leading organizations around the globe to help them improve their security.
Case Studies
See how runZero has empowered security teams to take control of their networks, uncover their unknowns, and save significant time and money.
Testimonials
Read reviews of the runZero Platform and see how teams have improved their security with our technology.

New Report Published by the U.S. Department of Energy

CECA evaluations confirm runZero's active scanning enhances ICS visibility without performance impact on SCADA.

Read the Report

About Us
Wondering who the heck are these people? Meet the team and get the story behind runZero... once upon a time called Rumble.
Events
Track down runZero Yetis in the wild! Join us in-person or virtually at one of our upcoming events.
- runZero Hour
Investors
Meet the cybersecurity investors, trailblazers, and innovators who help us navigate our journey and the evolving security landscape.
Newsroom
Read the latest articles, announcements, and press releases from runZero.
Careers
Want to join our forces? We're looking for bright minds and passionate souls who want to write the next chapter in exposure management.

Unpacking vulnerability scoring systems with EPSS expert Jay Jacobs

Tune in for the next runZero Hour as vulnerability scoring expert Jay Jacobs joins us for a spicy debate about what CVSS, EPSS, and SSVC really tell us — and what they don’t. We’ll also share highlights from new research on scoring systems, common misconceptions, and how to prioritize risk with context, not just scores.

Register Now

Infinity Partner Program
See how we can work together to provide best-in-class security solutions and outcomes for our joint customers.
Partner Directory
Explore our directory of trusted (and awesome) partners.
Partner Sign In
Sign in to our Infinity Partner Portal.

Join our Infinity Partner Program

Designed with a partner-first mindset, the runZero Infinity Partner Program offers incredibly valuable resources, relationships, and rewards to partners who choose to grow their business with us.

Become a runZero Partner

On This Page:

Latest SysAid Help Desk vulnerabilities
Are updates available?
How to find SysAid Help Desk with runZero
November 2023: CVE-2023-47246
Are updates available?
How to find SysAid Help Desk with runZero

How to find SysAid Help Desk instances

HD Moore

Rob King

|

Updated May 9, 2025, 12:00pm EDT

Latest SysAid Help Desk vulnerabilities #

On May 7th, Watchtowr disclosed multiple vulnerabilities in the SysAid Help Desk on-premises service management platform. These vulnerabilities, designated CVE-2025-2775, CVE-2025-2776, and CVE-2025-2777, leverage how SysAid handles external XML references in user-supplied input. Successfully exploiting these vulnerabilities would allow an attacker to execute arbitrary code with the privileges of the vulnerable process.

These vulnerabilities have been assigned a CVSS score of 9.3 (critical). A proof-of-concept exploit has been published for these vulnerabilities.

Are updates available? #

SysAid has released Help Desk version 24.4.60 to address this issue.

How to find SysAid Help Desk with runZero #

SysAid Help Desk services can be found by navigating to the Software Inventory and using the following query:

vendor:="SysAid" AND product:"Help Desk"

Results from the above query should be triaged to determine if they require patching or vendor intervention.

November 2023: CVE-2023-47246 #

On the evening of November 8th Microsoft Threat Intelligence announced that they had discovered attacks by a ransomware gang against the SysAid Help Desk software using a zero-day exploit (CVE-2023-47246). These attacks leveraged a directory traversal vulnerability to upload a web shell and deliver the ransomware payload. SysAid has since published an advisory, complete with indicators of compromise, and made a patch available to customers. The Rapid7 blog has additional information about this issue.

Are updates available? #

SysAid Help Desk has released version 23.3.36 to address this issue.

How to find SysAid Help Desk with runZero #

SysAid Help Desk services can be found by navigating to the Service Inventory and using the following query:

_asset.protocol:{http} AND protocol:{http} AND (_service.favicon.ico.image.md5:="5f30870725d650d7377a134c74f41cfd" OR last.html.title:"SysAid")

Results from the above query should be triaged to determine if they require patching or vendor intervention.

As always, any prebuilt queries are available from your runZero console. Check out the documentation for other useful inventory queries.

Written by HD Moore

HD Moore is the founder and CEO of runZero. Previously, he founded the Metasploit Project and served as the main developer of the Metasploit Framework, which is the world's most widely used penetration testing framework.

More about HD Moore

Written by Rob King

Rob King is the Director of Security Research at runZero. Over his career Rob has served as a senior researcher with KoreLogic, the architect for TippingPoint DVLabs, and helped get several startups off the ground. Rob helped design SC Magazine's Data Leakage Prevention Product of the Year for 2010, and was awarded the 3Com Innovator of the Year Award in 2009. He has been invited to speak at BlackHat, Shmoocon, SANS Network Security, and USENIX.

More about Rob King

Explore more

Watch Now • On Demand

Vulnerability management is broken: what's the fix?

HD Moore and Omdia analyst Rik Turner discuss why traditional vulnerability management is struggling in modern IT infrastructures, why CVEs don’t tell the full story, and why prioritization alone isn’t enough to close critical security gaps.

runZero Hour, Episode 17

The State of Vuln Management, Our Approach, and a Deep Dive into New Risk Findings

On this special edition of runZero Hour, join VP of Security Research Tod Beardsley and Security Research Director Rob King for a deep dive into the future of exposure management.

Product Release

Tackling the New Era of Exposure Management

Fixing what’s broken with legacy tools and overcoming decades-old problems requires a new approach. Dive into how we do it at runZero.

The Unreasonable Effectiveness of Inside Out Attack Surface Management

HD Moore, founder of runZero (and previously Metasploit), presents new research that will forever redefine how you approach attack surface management.

See Results in Minutes

See & secure your total attack surface. Even the unknowns & unmanageable.

Try runZero for Free

© Copyright 2025 runZero, Inc. All Rights Reserved

Discover the new era of exposure management!

Read our Launch Blog