CVE-2026-21765

CVSS v3.1

8.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions HCL BigFix Platform (affected versions not specified)

Description The HCL BigFix Platform is susceptible to a security issue involving insecure permissions on private cryptographic keys. Specifically, these keys, located on Windows host machines, may have overly permissive file system permissions.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Incorrect Permission

Incorrect Default Permissions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-732CWE-276

Related Identifiers

CVE-2026-21765

Affected Products

Hcl Bigfix Platform

CVE-2026-21765

Weakness Enumeration

Related Identifiers

Affected Products

References · 7