CVE-2025-9588
OS Command Injection in Iron Mountain's enVision
Vexday Risk Score
28Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 10EPSS 1.1%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
23 sep 2025Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Iron Mountain Archiving Services Inc. EnVision allows Command Injection.
This issue affects enVision: before 250563.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Productos afectados
Iron Mountain Archiving Services Inc. · enVision