CNNVD-202506-1796 Information
CNNVD ID
CNNVD-202506-1796
Related CVE
- CNNVD Published: 2025-06-13
Description (Chinese)
Dell ControlVault3和Dell ControlVault3 Plus都是美国戴尔(Dell)公司的一款基于硬件的安全解决方案。 Dell ControlVault3 5.15.10.14之前版本和Dell ControlVault3 Plus 6.2.26.36之前版本存在缓冲区错误漏洞,该漏洞源于cv_upgrade_sensor_firmware功能存在越界写入。
Description (English)
Dell ControlVault3 and Dell ControlVault3 Plus are both hardware-based security solutions for Dell in the United States. Pre-Dell ControlVault 3 5.15.10.14 and pre-Dell ControlVault 3 Plus 6.2.26.36 contain an error loophole in the buffer zone, which stems from the cross-border writing of the cv upgrad sensor fairware function.
Hazard Level
Medium
Vulnerability Type
缓冲区错误
Affected Vendor
戴尔
Published
2025-06-13
Last Modified
2026-02-24
References
https://www.dell.com/support/kbdoc/en-us/000276106/dsa-2025-053 https://access.redhat.com/security/cve/cve-2025-25050
Patch
https://www.dell.com/support/kbdoc/en-us/000276106/dsa-2025-053
Share on: