CVE-2025-52645

HCL AION is affected by a vulnerability where model packaging and distribution mechanisms may not include sufficient authenticity verification.

CVSS 1.9 LOWEPSS 0.1%CWE-345

Vexday Risk Score

8Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS 1.9EPSS 0.1%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

16 mar 2026Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

HCL AION is affected by a vulnerability where model packaging and distribution mechanisms may not include sufficient authenticity verification. This may allow the possibility of unverified or modified model artifacts being used, potentially leading to integrity concerns or unintended behaviour.

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N

Productos afectados

HCL · AION

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0129410