Tyler Technologies ERP Pro 9 SaaS allows an authenticated user to escape the application and execute limited operating system commands within the remote Microsoft Windows environment with the privileges of the authenticated user. Tyler Technologies deployed hardened remote Windows environment settings to all ERP Pro 9 SaaS customer environments as of 2025-08-01.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Tue, 23 Sep 2025 18:30:00 +0000

Type Values Removed Values Added
First Time appeared Microsoft
Microsoft windows
Tylertech
Tylertech erp Pro 9
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:a:tylertech:erp_pro_9:2025-08-01:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Vendors & Products Microsoft
Microsoft windows
Tylertech
Tylertech erp Pro 9

Tue, 12 Aug 2025 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 12 Aug 2025 08:00:00 +0000

Type Values Removed Values Added
First Time appeared Tyler Technologies
Tyler Technologies erp Pro 9 Saas
Vendors & Products Tyler Technologies
Tyler Technologies erp Pro 9 Saas

Thu, 07 Aug 2025 18:45:00 +0000

Type Values Removed Values Added
Description Tyler Technologies ERP Pro 9 SaaS allows an authenticated user to escape the application and execute limited operating system commands within the remote Microsoft Windows environment with the privileges of the authenticated user. Tyler Technologies deployed hardened remote Windows environment settings to all ERP Pro 9 SaaS customer environments as of 2025-08-01.
Title Tyler Technologies ERP Pro 9 SaaS application escape
Weaknesses CWE-250
CWE-668
CWE-863
References
Metrics cvssV3_1

{'score': 7.4, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L'}

cvssV4_0

{'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L'}


cve-icon MITRE

Status: PUBLISHED

Assigner: cisa-cg

Published:

Updated: 2025-08-12T15:21:13.885Z

Reserved: 2025-08-06T17:40:21.514Z

Link: CVE-2025-55077

cve-icon Vulnrichment

Updated: 2025-08-12T15:21:09.104Z

cve-icon NVD

Status : Analyzed

Published: 2025-08-07T19:15:29.060

Modified: 2025-09-23T18:29:25.153

Link: CVE-2025-55077

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2025-08-12T07:56:29Z