{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-21765", "assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc", "state": "PUBLISHED", "assignerShortName": "HCL", "dateReserved": "2026-01-05T16:07:58.367Z", "datePublished": "2026-04-01T23:36:45.573Z", "dateUpdated": "2026-04-02T18:21:14.546Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc", "shortName": "HCL", "dateUpdated": "2026-04-01T23:36:45.573Z"}, "title": "HCL BigFix Platform is affected by insecure permissions on private cryptographic keys", "datePublic": "2026-04-01T23:35:00.000Z", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-732", "description": "CWE-732 Incorrect Permission Assignment for Critical Resource", "type": "CWE"}]}, {"descriptions": [{"lang": "en", "cweId": "CWE-276", "description": "CWE-276 Incorrect default permissions", "type": "CWE"}]}], "affected": [{"vendor": "HCLSoftware", "product": "BigFix Platform", "versions": [{"status": "affected", "version": "11.0.0 - 11.0.5"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "HCL BigFix Platform is affected by insecure permissions on private cryptographic keys.\u00a0 The private cryptographic keys located on a Windows host machine might be subject to overly permissive file system permissions.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "HCL BigFix Platform is affected by insecure permissions on private cryptographic keys.  The private cryptographic keys located on a Windows host machine might be subject to overly permissive file system permissions."}]}], "references": [{"url": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0129906"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseSeverity": "HIGH", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 1.0.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-02T18:20:48.284525Z", "id": "CVE-2026-21765", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-02T18:21:14.546Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-21765", "assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc", "state": "PUBLISHED", "assignerShortName": "HCL", "dateReserved": "2026-01-05T16:07:58.367Z", "datePublished": "2026-04-01T23:36:45.573Z", "dateUpdated": "2026-04-02T18:21:14.546Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc", "shortName": "HCL", "dateUpdated": "2026-04-01T23:36:45.573Z"}, "title": "HCL BigFix Platform is affected by insecure permissions on private cryptographic keys", "datePublic": "2026-04-01T23:35:00.000Z", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-732", "description": "CWE-732 Incorrect Permission Assignment for Critical Resource", "type": "CWE"}]}, {"descriptions": [{"lang": "en", "cweId": "CWE-276", "description": "CWE-276 Incorrect default permissions", "type": "CWE"}]}], "affected": [{"vendor": "HCLSoftware", "product": "BigFix Platform", "versions": [{"status": "affected", "version": "11.0.0 - 11.0.5"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "HCL BigFix Platform is affected by insecure permissions on private cryptographic keys.\u00a0 The private cryptographic keys located on a Windows host machine might be subject to overly permissive file system permissions.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "HCL BigFix Platform is affected by insecure permissions on private cryptographic keys.  The private cryptographic keys located on a Windows host machine might be subject to overly permissive file system permissions."}]}], "references": [{"url": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0129906"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseSeverity": "HIGH", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 1.0.0"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-21765", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-02T18:20:48.284525Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-02T18:21:10.798Z"}}]}}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "HCL BigFix Platform is affected by insecure permissions on private cryptographic keys.\u00a0 The private cryptographic keys located on a Windows host machine might be subject to overly permissive file system permissions."}], "id": "CVE-2026-21765", "lastModified": "2026-04-02T00:16:23.953", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.0, "impactScore": 6.0, "source": "psirt@hcl.com", "type": "Secondary"}]}, "published": "2026-04-02T00:16:23.953", "references": [{"source": "psirt@hcl.com", "url": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0129906"}], "sourceIdentifier": "psirt@hcl.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-276"}, {"lang": "en", "value": "CWE-732"}], "source": "psirt@hcl.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[11.0.0,11.0.5]"}}], "enrichment": {"confidence": 84.0, "confidence_source": "matching", "scores": [{"score": 84.0, "source": "matching"}]}, "original": {"product": "BigFix Platform", "source": "cna", "vendor": "HCLSoftware"}, "product": "bigfix_platform", "vendor": "hcltech"}], "analysis": {"en": {"generated_at": "2026-04-02T02:05:47.403945+00:00", "value": {"mitigation_remediation": ["Apply the vendor patch or update to the latest HCL BigFix Platform as provided in the support article.", "Restrict file system permissions for the private key files so that only the required BigFix service accounts have read access.", "Re\u2011verify the permissions on all Windows hosts after patching.", "Schedule regular audits of key file permissions to ensure they remain correctly configured."], "summary": {"action": "Apply Patch", "impact": "Unauthorized Key Access"}, "threat_synthesis": {"affected_systems": "The affected product is the HCLSoftware BigFix Platform. No specific version information is provided, so all deployments of the platform should be evaluated for the presence of this permission issue.", "description_and_impact": "HCL BigFix Platform stores private cryptographic keys on Windows hosts with overly permissive file system permissions. This allows any local user or process with read access to the key files to obtain the keys, enabling the attacker to decrypt protected data, impersonate the system, or sign certificates. The vulnerability is a classic example of improper ACL configuration (CWE-276, CWE-732) and poses a direct threat to the confidentiality and integrity of the platform.", "risk_and_exploitability": "The CVSS score of 8.8 indicates a high severity vulnerability. EPSS information is not available, so the likelihood of exploitation cannot be quantified based on current data. The vulnerability is not listed in CISA\u2019s KEV catalog, suggesting no known active exploitation. The likely attack vector is a local user or a compromised process on the Windows host being able to read the key files; an attacker with remote access that can execute code on the host could also leverage the permissive permissions. This is inferred from the description of insecure permissions on private keys."}}}}, "created": "2026-04-02T07:46:54.322417+00:00", "updated": "2026-04-02T20:15:53.971782+00:00", "vendors": ["hcltech", "hcltech$PRODUCT$bigfix_platform"]}