CVE-2025-55077 MEDIUM

CVE-2025-55077: Tyler Technologies ERP Pro 9 SaaS application escape

Vendor Tyler Technologies
Product ERP Pro 9 SaaS
Weakness CWE-250
Published August 7, 2025
Last update August 12, 2025

CVSS base score

5.3/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L

What the vulnerability does

01Description

Tyler Technologies ERP Pro 9 SaaS allows an authenticated user to escape the application and execute limited operating system commands within the remote Microsoft Windows environment with the privileges of the authenticated user. Tyler Technologies deployed hardened remote Windows environment settings to all ERP Pro 9 SaaS customer environments as of 2025-08-01.

Key dates

02Disclosure timeline

August 7, 2025 CVE published
August 12, 2025 Record updated