CyberSec.Space Logo
Back to CVE Browser

CVE-2025-9588

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0960%
EPSS Percentile39.18th
PublishedSep 23, 2025
Last ModifiedJun 5, 2026

Vulnerability Description

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Iron Mountain Archiving Services Inc. EnVision allows Command Injection. This issue affects enVision: before 250563.

Affected Platforms (CPE)

📦
Ironmountain

Envision

< 250563

References & Advisories

🔗 https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0285
🔗 https://www.usom.gov.tr/bildirim/tr-25-0285

Related Vulnerabilities

CVE-2012-04029.3

EMC RSA enVision 4.x before 4.1 Patch 4 uses unspecified hardcoded credentials, which makes it easier for remote attackers to obta...

CVE-2012-04007.9

EMC RSA enVision 4.x before 4.1 Patch 4 does not properly restrict the number of failed authentication attempts, which makes it ea...

CVE-2025-111457.5

Observable Discrepancy, Exposure of Sensitive Information to an Unauthorized Actor, Exposure of Private Personal Information to an...

CVE-2012-04016.5

Multiple SQL injection vulnerabilities in EMC RSA enVision 4.x before 4.1 Patch 4 allow remote authenticated users to execute arbi...