CNNVD-202506-1795 Information
CNNVD ID
CNNVD-202506-1795
Related CVE
- CNNVD Published: 2025-06-13
Description (Chinese)
Dell ControlVault3和Dell ControlVault3 Plus都是美国戴尔(Dell)公司的一款基于硬件的安全解决方案。 Dell ControlVault3 5.15.10.14之前版本和Dell ControlVault3 Plus 6.2.26.36之前版本存在安全漏洞,该漏洞源于securebio_identify功能存在栈缓冲区溢出,可能导致执行任意代码。
Description (English)
Dell ControlVault3 and Dell ControlVault3 Plus are both hardware-based security solutions for Dell in the United States. Pre-Dell ControlVault 3 5.15.10.14 and pre-Dell ControlVault 3 Plus 6.2.26.36 have a security loophole, which stems from the leak of the securitybio identify function in the buffer zone, which could lead to the implementation of any code.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
戴尔
Published
2025-06-13
Last Modified
2026-02-24
References
https://www.dell.com/support/kbdoc/en-us/000276106/dsa-2025-053 https://access.redhat.com/security/cve/cve-2025-24922
Patch
https://www.dell.com/support/kbdoc/en-us/000276106/dsa-2025-053
Share on: