CVE-2025-55251
Published: 19 January 2026
Summary
CVE-2025-55251 is a low-severity Unrestricted Upload of File with Dangerous Type (CWE-434) vulnerability in HCL AION. Its CVSS base score is 3.1 (Low).
Operationally, exploitation aligns with the MITRE ATT&CK technique Web Shell (T1505.003). It is ranked at the 7.3 percentile for exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-3 (Malicious Code Protection).
Deeper analysis
CVE-2025-55251 is an Unrestricted File Upload vulnerability affecting HCL AION. Published on 2026-01-19, the flaw enables malicious file uploads, potentially resulting in unauthorized code execution or system compromise. It carries a CVSS v3.1 base score of 3.1 (AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:L) and maps to CWE-434.
Per the vector, exploitation requires local access, high privileges, and user interaction, with low attack complexity. A suitably positioned attacker could upload malicious files, producing low-impact effects on integrity and availability and no confidentiality impact, which may lead to unauthorized code execution or broader system compromise.
HCL has issued a knowledge base article at https://support.hcl-software.com/kb_view.do?sys_kb_id=4b92474633de7ad4159a05273e5c7b4b&searchTerm=kb0127995# providing details on the vulnerability. Security practitioners should consult this advisory for recommended mitigations and patch information.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-3204
Vulnerability details
HCL AION is affected by an Unrestricted File Upload vulnerability. This can allow malicious file uploads, potentially resulting in unauthorized code execution or system compromise.
MITRE ATT&CK Enterprise Techniques
- Web Shell (T1505.003)
Why these techniques?
Unrestricted file upload (CWE-434) directly enables web shell deployment for code execution on the affected system.
Mitigating Controls (NIST 800-53 r5)
- SI-10 (Information Input Validation): Directly requires validation of all information inputs, including file type, content, and extension checks that block malicious uploads before they reach the system.
- SI-3 (Malicious Code Protection): Mandates malicious code protection mechanisms that can scan and block uploaded files containing executable payloads.
- SI-7 (Software, Firmware, and Information Integrity): Requires integrity verification of software and information, enabling detection of unauthorized or tampered files during the upload process.
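The SI-10 control above calls for file type, content, and extension checks on uploads. The following is an added example of what such a check looks like in code; it is not HCL's code and is not tied to the AION product or to the fix described in HCL's knowledge base article. It assumes a small constructed allowlist (PNG, JPEG, PDF) and treats the client-supplied filename, declared MIME type, and file bytes as three independent untrusted inputs that must all agree before the file is stored under a server-chosen name.

```python
"""Defensive upload validation (CWE-434 / NIST SI-10), added example.

Every accept/reject decision is returned as a value so it can be logged
and tested; nothing here relies on the client-supplied name for storage.
"""
import hashlib
import os
import re
from dataclasses import dataclass
from typing import Optional

# Constructed allowlist: extension -> (expected MIME type, magic-byte prefixes).
# Anything not in this table is rejected, whatever the client claims.
ALLOWED_TYPES = {
    "png": ("image/png", (b"\x89PNG\r\n\x1a\n",)),
    "jpg": ("image/jpeg", (b"\xff\xd8\xff",)),
    "pdf": ("application/pdf", (b"%PDF-",)),
}
MAX_BYTES = 5 * 1024 * 1024  # size bound, checked before any parsing
# Plain names only: must start with an alphanumeric, no separators or control chars.
SAFE_NAME = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]{0,99}$")


@dataclass
class UploadDecision:
    accepted: bool
    reason: str
    stored_name: Optional[str] = None  # server-chosen name, never the client's


def sniff_extension(data: bytes) -> Optional[str]:
    """Return the allowlisted extension whose magic bytes match the content, if any."""
    for ext, (_, magics) in ALLOWED_TYPES.items():
        if any(data.startswith(m) for m in magics):
            return ext
    return None


def validate_upload(filename: str, declared_mime: str, data: bytes) -> UploadDecision:
    """Apply extension, declared-type and content checks; all three must agree."""
    # 1. Bound the size before doing anything else with the bytes.
    if len(data) > MAX_BYTES:
        return UploadDecision(False, "file too large")

    # 2. Strip any directory component (either separator) and require a plain name.
    base = os.path.basename(filename.replace("\\", "/"))
    if not SAFE_NAME.match(base):
        return UploadDecision(False, "unsafe filename")

    # 3. Exactly one extension, and it must be allowlisted.
    #    This also rejects double extensions such as "report.php.png".
    parts = base.lower().split(".")
    if len(parts) != 2 or parts[1] not in ALLOWED_TYPES:
        return UploadDecision(False, "extension not allowed")
    ext = parts[1]

    # 4. The declared MIME type must match what the extension implies.
    if declared_mime.lower() != ALLOWED_TYPES[ext][0]:
        return UploadDecision(False, "declared type mismatch")

    # 5. The bytes must actually be that type; a name and header are not evidence.
    if sniff_extension(data) != ext:
        return UploadDecision(False, "content does not match extension")

    # 6. Store under a content-derived name so the client string never reaches disk.
    stored = hashlib.sha256(data).hexdigest()[:16] + "." + ext
    return UploadDecision(True, "ok", stored_name=stored)


if __name__ == "__main__":
    # Constructed sample inputs: a minimal PNG header and a script-like blob.
    png_bytes = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16
    script_bytes = b"<?php echo 1; ?>"
    for name, mime, blob in [
        ("photo.png", "image/png", png_bytes),
        ("photo.php.png", "image/png", png_bytes),
        ("photo.png", "image/png", script_bytes),
        ("../../photo.png", "image/png", png_bytes),
    ]:
        print(name, "->", validate_upload(name, mime, blob))
```

Checks 3 to 5 are deliberately redundant: an attacker controls the name and the declared type, and only the magic-byte check looks at the bytes themselves, so a mismatch between any two of them is treated as a reject rather than resolved in the client's favour. Storing under a server-chosen name means a sanitisation miss in step 2 still cannot place a file at a client-chosen path.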