CVE-2025-52626
Published: 03 February 2026
Summary
CVE-2025-52626 is a medium-severity OS Command Injection (CWE-78) vulnerability in Hcltech Aion. Its CVSS base score is 4.5 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Command and Scripting Interpreter (T1059); ranked at the 18.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
Threat & Defense at a Glance
Threat & Defense Details
Likely Mitigating ControlsAI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Local OS command injection (CWE-78) directly enables arbitrary command execution on the host.
NVD Description
A Potential Command Injection vulnerability in HCL AION. An This can allow unintended command execution, potentially leading to unauthorized actions on the underlying system.This issue affects AION: 2.0
Deeper analysisAI
CVE-2025-52626 is a potential command injection vulnerability (CWE-78) in HCL AION version 2.0. It enables unintended command execution, which could lead to unauthorized actions on the underlying system. The vulnerability received a CVSS v3.1 base score of 4.5 (AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L) and was published on 2026-02-03.
Exploitation requires local access (AV:L), high attack complexity (AC:H), and low privileges (PR:L), with no user interaction needed (UI:N) and unchanged scope (S:U). A local low-privileged attacker could potentially inject commands to achieve low impacts on confidentiality, integrity, and availability (C:L/I:L/A:L), such as limited unauthorized system actions.
For mitigation details, refer to the HCL advisory at https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0127972.
Details
- CWE(s)