CVE-2025-9588

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0960%

EPSS Percentile39.18th

Published2025年9月23日

Last Modified2026年6月5日

Vulnerability Description

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Iron Mountain Archiving Services Inc. EnVision allows Command Injection. This issue affects enVision: before 250563.

Affected Platforms (CPE)

📦

Ironmountain

Envision

< 250563

References & Advisories

🔗 https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0285

🔗 https://www.usom.gov.tr/bildirim/tr-25-0285

関連する脆弱性情報

CVE-2012-04029.3

EMC RSA enVision 4.x before 4.1 Patch 4 uses unspecified hardcoded credentials, which makes it easier for remote attackers to obta...

CVE-2012-04007.9

EMC RSA enVision 4.x before 4.1 Patch 4 does not properly restrict the number of failed authentication attempts, which makes it ea...

CVE-2025-111457.5

Observable Discrepancy, Exposure of Sensitive Information to an Unauthorized Actor, Exposure of Private Personal Information to an...

CVE-2012-04016.5

Multiple SQL injection vulnerabilities in EMC RSA enVision 4.x before 4.1 Patch 4 allow remote authenticated users to execute arbi...