File Parsing Vulnerability in HCL AION by HCL Software
CVE-2025-52643

4.7MEDIUM

Key Information:

Vendor: HCL Software
Status: Aion
Vendor: CVE Published:; 16 March 2026

🔔 Create HCL Software Vulnerability Alert

What is CVE-2025-52643?

HCL AION is impacted by a vulnerability that allows for the processing of untrusted files without adequate isolation in a secure sandbox environment. This shortcoming can lead to unintended behavior or potential integrity issues, making the application susceptible to attacks that exploit specially crafted files. Proper handling and security measures are essential to mitigate these risks.

Affected Version(s)

AION 2.0

References

https://support.hcl-software.com/csm?id=kb_article&syspar...

CVSS V3.1

Score:

4.7

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

High

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 16, 2026
Vulnerability Reserved
Jun 18, 2025

CVE-2025-52643 Data

JSON