CVE-2025-55077

Summary

Tyler Technologies ERP Pro 9 SaaS allows an authenticated user to escape the application and execute limited operating system commands within the remote Microsoft Windows environment with the privileges of the authenticated user. Tyler Technologies deployed hardened remote Windows environment settings to all ERP Pro 9 SaaS customer environments as of 2025-08-01.

Affected Software

VendorProductVersion RangeStatus
Tyler TechnologiesERP Pro 9 SaaS0 < 2025-08-01affected
Tyler TechnologiesERP Pro 9 SaaS2025-08-01unaffected

Weaknesses

  • CWE-250: CWE-250 Execution with Unnecessary Privileges
  • CWE-668: CWE-668 Exposure of Resource to Wrong Sphere
  • CWE-863: CWE-863 Incorrect Authorization

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References