A vulnerability identified as critical has been detected in HCL BigFix Service Management 23 . This issue affects some unknown processing of the component Header Handler . Performing a manipulation of the argument X-Content-Type-Options results in improper access controls. This vulnerability was named CVE-2025-31985 . The attack may be initiated remotely. There is no available exploit.