← back
CVE-2025-52645

HCL AION is affected by a vulnerability where model packaging and distribution mechanisms may not include sufficient authenticity verification.

CVSS 1.9 LOWEPSS 0.1%CWE-345
HCL AION is affected by a vulnerability where model packaging and distribution mechanisms may not include sufficient authenticity verification. This may allow the possibility of unverified or modified model artifacts being used, potentially leading to integrity concerns or unintended behaviour.
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N
Affected products
HCL · AION

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0129410