CVE-2025-55077

Tyler Technologies ERP Pro 9 SaaS application escape

CVSS 5.3 MEDIUMEPSS 0.2%CWE-250 CWE-668 CWE-863

Tyler Technologies ERP Pro 9 SaaS allows an authenticated user to escape the application and execute limited operating system commands within the remote Microsoft Windows environment with the privileges of the authenticated user. Tyler Technologies deployed hardened remote Windows environment settings to all ERP Pro 9 SaaS customer environments as of 2025-08-01.

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L

Affected products

Tyler Technologies · ERP Pro 9 SaaS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-219-01.json https://www.cve.org/CVERecord?id=CVE-2025-55077