CVE-2025-31974

Summary

HCL BigFix Service Management (SM) is susceptible to a Root File System Not Mounted as Read-Only. An improperly configured root file system may allow

unintended modifications to critical system components, potentially increasing the risk of system compromise or unauthorized changes.

Affected Software

VendorProductVersion RangeStatus
HCL SoftwareBigFix Service Management (SM)23affected

Weaknesses

  • CWE-1188: CWE-1188 Initialization of a resource with an insecure default

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References