Security Vulnerability Report
CVE-2025-31974 CVSS 3.9 LOW

CVE-2025-31974

Published: 2026-05-06 19:16:36
Last Modified: 2026-05-11 13:51:23

Description

HCL BigFix Service Management (SM) is susceptible to a Root File System Not Mounted as Read-Only. An improperly configured root file system may allow unintended modifications to critical system components, potentially increasing the risk of system compromise or unauthorized changes.

CVSS Details

CVSS Score: 3.9
Severity: LOW
CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L

Configurations (Affected Products)

cpe:2.3:a:hcltech:bigfix_service_management:23.0:*:*:*:*:*:*:* - VULNERABLE
HCL BigFix Service Management (SM) (specific version not disclosed)

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
bash
#!/bin/bash
# PoC for CVE-2025-31974: Root File System Not Mounted as Read-Only
# This script checks if the root filesystem is writable.

# Check mount options for root (/)
MOUNT_OPTS=$(findmnt -n -o OPTIONS /)

# Check if 'ro' (read-only) is absent in options.
# Match 'ro' as a whole comma-separated option so that values such as
# 'errors=remount-ro' are not mistaken for a read-only mount.
if [[ ",$MOUNT_OPTS," != *",ro,"* ]]; then
    echo "[+] Vulnerability Confirmed: Root filesystem is NOT mounted read-only."
    echo "[+] Current Mount Options: $MOUNT_OPTS"

    # Attempt to write a test file to verify (requires root privileges)
    # /tmp is often a separate mount (e.g. tmpfs); the write test only says
    # something about / when /tmp actually resides on the root filesystem.
    TEST_FILE="/tmp/cve_2025_31974_test.txt"
    if [[ "$(findmnt -n -o TARGET -T /tmp)" != "/" ]]; then
        echo "[!] Warning: /tmp is a separate mount; write test skipped."
    elif touch "$TEST_FILE" 2>/dev/null; then
        echo "[+] Exploitable: Successfully created a file on the root filesystem."
        rm -f "$TEST_FILE"
    else
        echo "[!] Warning: Write test failed (possible permission restrictions), but mount options indicate vulnerability."
    fi
else
    echo "[-] Safe: Root filesystem is mounted read-only."
fi

References

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0128144 (Vendor Advisory)

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-31974", "sourceIdentifier": "[email protected]", "published": "2026-05-06T19:16:35.593", "lastModified": "2026-05-11T13:51:22.940", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "HCL BigFix Service Management (SM) is susceptible to a Root File System Not Mounted as Read-Only. An improperly configured root file system may allow\n\nunintended modifications to critical system components, potentially increasing the risk of system compromise or unauthorized changes."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L", "baseScore": 3.9, "baseSeverity": "LOW", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "HIGH", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "LOW"}, "exploitabilityScore": 0.5, "impactScore": 3.4}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "baseScore": 7.2, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 1.2, "impactScore": 5.9}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-1188"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:hcltech:bigfix_service_management:23.0:*:*:*:*:*:*:*", "matchCriteriaId": "4D915AC1-7C2B-497D-9A77-9726954B2282"}]}]}], "references": [{"url": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0128144", "source": "[email protected]", "tags": 
["Vendor Advisory"]}]}}