Cyber Posture

CVE-2025-31973

Medium
Microsoft: not affectedMSmacOS: not affectedMacLinux: not affectedLnxMobile: not affectedMobNetwork: not affectedNetApplication: affectedAppOther: not affectedOth

Published: 20 May 2026

Published
20 May 2026
Modified
20 May 2026
KEV Added
Patch
CVSS Score 4.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L
EPSS Score 0.0001 1.6th percentile
Risk Priority 8 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-31973 is a medium-severity an unspecified weakness vulnerability in Hcltech Bigfix Service Management. Its CVSS base score is 4.0 (Medium).

Operationally, ranked at the 1.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

NVD Description

HCL BigFix Service Management (SM) is susceptible to a Configuration – 'Insecure Use of Base Image Version'. Using outdated or insecure base images may introduce known vulnerabilities, potentially increasing the risk of exploitation in the application environment.

Deeper analysisAI

Automated synthesis unavailable for this CVE.

Details

CWE(s)
NVD-CWE-noinfo

Affected Products

hcltech
bigfix service management
23.0

References