CVE-2025-52638

HCL AION is affected by a vulnerability where generated containers may execute binaries with root-level privileges. Running containers with root privileges may increase the potential security risk, as it grants elevated permissions within the container environment. Aligning container configurations with security best practices requires minimizing privileges and avoiding root-level execution wherever possible.

CVSS v3 5.6 MEDIUM

5.6^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 0.3 / Impact : 5.2

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required HIGH

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0129410	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:hcl:aion:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2026-03-16 14:17

Updated : 2026-03-27 17:27

NVD link : CVE-2025-52638

Mitre link : CVE-2025-52638

CVE.ORG link : CVE-2025-52638

JSON object : View

Products Affected

hcl

aion

CWE

CWE-345

Insufficient Verification of Data Authenticity

{"id": "CVE-2025-52638", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@hcl.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.6, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}, "impactScore": 5.2, "exploitabilityScore": 0.3}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.2}]}, "published": "2026-03-16T14:17:59.610", "references": [{"url": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0129410", "tags": ["Vendor Advisory"], "source": "psirt@hcl.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-345"}]}], "descriptions": [{"lang": "en", "value": "HCL AION is affected by a vulnerability where generated containers may execute binaries with root-level privileges. Running containers with root privileges may increase the potential security risk, as it grants elevated permissions within the container environment. Aligning container configurations with security best practices requires minimizing privileges and avoiding root-level execution wherever possible."}, {"lang": "es", "value": "HCL AION se ve afectado por una vulnerabilidad donde las im\u00e1genes base de los contenedores no se autentican correctamente. Esto puede exponer el sistema a riesgos de seguridad potenciales, como el uso de im\u00e1genes de contenedor no confiables, lo que podr\u00eda llevar a un comportamiento no deseado o a un impacto en la seguridad."}], "lastModified": "2026-03-27T17:27:23.670", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hcl:aion:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "43DEFA2D-ED07-4867-BC69-DD77EABA83B0", "versionEndExcluding": "2.1.2", "versionStartIncluding": "2.0"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@hcl.com"}