CVE-2025-31974
Awaiting Analysis
Awaiting Analysis - Queue
Root File System Not Mounted as Read-Only in HCL BigFix Service Management
Publication date: 2026-05-06
Last updated on: 2026-05-06
Assigner: HCL Software
Description
Description
HCL BigFix Service Management (SM) is susceptible to a Root File System Not Mounted as Read-Only. An improperly configured root file system may allow
unintended modifications to critical system components, potentially increasing the risk of system compromise or unauthorized changes.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| hcl | bigfix_service_management | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-1188 | The product initializes or sets a resource with a default that is intended to be changed by the product's installer, administrator, or maintainer, but the default is not secure. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability in HCL BigFix Service Management (SM) involves the root file system not being mounted as read-only. This improper configuration can allow unintended modifications to critical system components.
How can this vulnerability impact me? :
Because the root file system is not mounted as read-only, attackers or unauthorized users may be able to modify critical system components. This increases the risk of system compromise or unauthorized changes, potentially affecting system integrity and security.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70