Cyber Resilience

CVE-2025-31973

Medium

Published: 20 May 2026

Published
20 May 2026
Modified
20 May 2026
KEV Added
Patch
CVSS Score v3.1 4.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L
EPSS Score 0.0018 7.5th percentile
Risk Priority 35 floored blend · peak EPSS

Summary

CVE-2025-31973 is a medium-severity an unspecified weakness vulnerability in Hcltech Bigfix Service Management. Its CVSS base score is 4.0 (Medium).

Operationally, ranked at the 7.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

EU & UK References

Vulnerability details

HCL BigFix Service Management (SM) is susceptible to a Configuration – 'Insecure Use of Base Image Version'. Using outdated or insecure base images may introduce known vulnerabilities, potentially increasing the risk of exploitation in the application environment.

CWE(s)

Related Threats

CVEs Like This One

CVE-2025-31958Same product: Hcltech Bigfix Service Management
CVE-2024-30151Same product: Hcltech Bigfix Service Management
CVE-2025-52636Same vendor: Hcltech
CVE-2025-52626Same vendor: Hcltech
CVE-2025-55269Same vendor: Hcltech
CVE-2025-52627Same vendor: Hcltech
CVE-2025-52660Same vendor: Hcltech
CVE-2024-42176Same vendor: Hcltech
CVE-2024-42172Same vendor: Hcltech
CVE-2025-52612Same vendor: Hcltech

Affected Assets

hcltech
bigfix service management
23.0

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References