CVE-2025-52606

Summary

HCL iControl was affected by Weak Input Validation vulnerability. This weakness is caused during implementation of an architectural security tactic. Received input that is expected to be of a certain type, but it does not validate or incorrectly validates that the input is actually of the expected type.

Affected Software

VendorProductVersion RangeStatus
HCLiControl4.0.0affected

Weaknesses

  • CWE-209: CWE-209 : Generation of Error Message Containing Sensitive Information.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References