Internal Filesystem Path Exposure in HCL AION
CVE-2025-52642

3.3LOW

Key Information:

Vendor: HCL Software
Status: Aion
Vendor: CVE Published:; 16 March 2026

🔔 Create HCL Software Vulnerability Alert

What is CVE-2025-52642?

HCL AION has been identified to have a vulnerability that allows the potential exposure of internal filesystem paths through application responses and system behaviors. This exposure may disclose critical details about the environment structure, which could be leveraged by attackers to initiate further targeted attacks or facilitate unauthorized information access. It is essential for organizations using HCL AION to be aware of this vulnerability and implement measures to mitigate the risks associated with filesystem path exposure.

Affected Version(s)

AION 2.0

References

https://support.hcl-software.com/csm?id=kb_article&syspar...

CVSS V3.1

Score:

3.3

Severity:

LOW

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 16, 2026
Vulnerability Reserved
Jun 18, 2025

CVE-2025-52642 Data

JSON