CVE-2025-7451 is a critical OS Command Injection vulnerability identified in Hgiga's iSherlock product. This vulnerability arises from improper neutralization of special elements used in operating system commands (CWE-78), allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server hosting iSherlock. The vulnerability is present in version 0 of the product, and no authentication or user interaction is required to exploit it. The CVSS v3.1 base score is 9.8, indicating a critical severity with high impact on confidentiality, integrity, and availability. The attack vector is network-based with low attack complexity, and the scope is unchanged, meaning the vulnerability affects the vulnerable component directly. Although no public exploits have been confirmed in the wild yet, the vulnerability has been reported as already exploited, emphasizing the urgency of remediation. The lack of available patches at the time of reporting further increases the risk. The vulnerability enables attackers to execute arbitrary commands on the underlying operating system, potentially leading to full system compromise, data theft, service disruption, or lateral movement within the network.

For European organizations using Hgiga's iSherlock, this vulnerability poses a severe risk. Successful exploitation can lead to complete system compromise, exposing sensitive data and critical infrastructure to attackers. Given that iSherlock is likely used in investigative or analytical contexts, the confidentiality of sensitive case data or operational intelligence could be jeopardized. The integrity of data and system configurations can be altered or destroyed, and availability can be disrupted through denial-of-service conditions or ransomware deployment. The unauthenticated nature of the vulnerability means attackers can exploit it remotely without prior access, increasing the attack surface significantly. This threat is particularly concerning for sectors such as law enforcement, government agencies, and private investigation firms across Europe that rely on iSherlock for their operations. The potential for espionage, data breaches, and operational disruption could have cascading effects on public safety and national security.

Immediate mitigation steps include isolating affected iSherlock instances from external networks to prevent remote exploitation. Organizations should monitor network traffic and system logs for unusual command execution patterns indicative of exploitation attempts. Since no patches are currently available, applying virtual patching via Web Application Firewalls (WAFs) or Intrusion Prevention Systems (IPS) with custom rules to detect and block OS command injection payloads is recommended. Restricting the privileges of the iSherlock service account to the minimum necessary can limit the impact of a successful exploit. Organizations should also implement network segmentation to contain potential breaches. Regular backups of critical data and system snapshots should be maintained to enable recovery. Once Hgiga releases an official patch, organizations must prioritize immediate deployment. Additionally, conducting a thorough security audit of all systems running iSherlock and related infrastructure is advised to identify any signs of compromise.