CVE-2025-31977

Summary

HCL BigFix SM is affected by cryptographic weakness due to weak or outdated encryption algorithms.  An attacker with network access could exploit this weakness to decrypt or manipulate encrypted communications under certain conditions.

Affected Software

VendorProductVersion RangeStatus
HCL SoftwareBigFix Service Management (SM)23affected

Weaknesses

  • CWE-311: CWE-311 Missing Encryption of Sensitive Data

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References