Cyber Posture

CVE-2025-55262

High

Published: 26 March 2026

Modified: 26 March 2026
KEV Added: not listed
Patch
CVSS Score: 8.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:H)
EPSS Score: 0.0001 (1.5th percentile)
Risk Priority: 17 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-55262 is a high-severity Use of Hard-coded Credentials (CWE-798) vulnerability in Hcltech Aftermarket Cloud. Its CVSS base score is 8.3 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE is ranked at the 1.5th percentile by exploit likelihood (well below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190). What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)

prevent: SI-10 requires validation of all information inputs, directly preventing SQL injection by rejecting malicious SQL payloads in HCL Aftermarket DPC.

prevent: SI-2 mandates timely identification, reporting, and correction of software flaws, enabling patching of the specific SQL injection vulnerability described in CVE-2025-55262.

prevent, detect: SC-7 enforces boundary protection using mechanisms like web application firewalls to block or detect SQL injection attempts targeting the application.

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

SQL injection in a public-facing web application directly enables remote exploitation over the network for sensitive data retrieval and limited modification/DoS.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

HCL Aftermarket DPC is affected by SQL Injection, which allows an attacker to exploit this vulnerability to retrieve sensitive information from the database.

Deeper analysis

CVE-2025-55262 is a SQL injection vulnerability affecting HCL Aftermarket DPC software. Published on 2026-03-26, it enables an attacker to exploit the flaw and retrieve sensitive information from the underlying database. The issue is linked to CWE-798 (Use of Hard-coded Credentials) and CWE-89 (SQL Injection), with a CVSS v3.1 base score of 8.3 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:H), indicating high severity due to significant confidentiality, integrity, and availability impacts.

An unauthenticated remote attacker can exploit this vulnerability over the network with low complexity, though it requires user interaction, such as tricking a user into performing an action like clicking a malicious link. Successful exploitation allows the attacker to extract sensitive database information (high confidentiality impact), potentially modify limited data (low integrity impact), and disrupt service availability (high availability impact).

Mitigation guidance is available in the HCL Software advisory at https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0129793.

Details

CWE(s)

Affected Products

Vendor: hcltech / Product: aftermarket cloud / Version: 1.0.0

CVEs Like This One

CVE-2025-55271 (same product: Hcltech Aftermarket Cloud)
CVE-2025-55263 (same product: Hcltech Aftermarket Cloud)
CVE-2025-55267 (same product: Hcltech Aftermarket Cloud)
CVE-2025-55270 (same product: Hcltech Aftermarket Cloud)
CVE-2025-55261 (same product: Hcltech Aftermarket Cloud)
CVE-2025-55275 (same product: Hcltech Aftermarket Cloud)
CVE-2025-55265 (same product: Hcltech Aftermarket Cloud)
CVE-2025-55269 (same product: Hcltech Aftermarket Cloud)
CVE-2025-31958 (same vendor: Hcltech)
CVE-2025-52628 (same vendor: Hcltech)

References