CVE-2025-52643

EUVD-2025-208735
HCL AION is affected by a vulnerability where untrusted file parsing operations are not executed within a properly isolated sandbox environment. This may expose the application to potential security risks, including unintended behaviour or integrity impact when processing specially crafted files.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.7 MEDIUM
LOCAL
HIGH
HIGH
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 4%
Affected Products (NVD)
VendorProductVersion
hcltechaion
2.0.0 ≤
𝑥
< 2.1.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0129410