IronmountainCVEs & Vulnerabilities
2 CVEs affecting Ironmountain products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.
2 CVEs→ All vendors
Most Affected Products
connected backup 1envision 1
CVE-2025-9588CRITICAL
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Iron Mountain Archiving Services Inc. EnVision allows Command Injection. This issue affects enVision: before 250563.
23 Sep 2025
9.8
CVSS
CVE-2011-2397CRITICAL
The Agent service in Iron Mountain Connected Backup 8.4 allows remote attackers to execute arbitrary code via a crafted opcode 13 request that triggers use of the LaunchCompoundFileAnalyzer class to send request data to the System.getRunTime.exec method.
5 Dec 2011
10.0
CVSS
← PrevPage 1 / 1Next →