CNNVD-202506-1800 Information
CNNVD ID
CNNVD-202506-1800
Related CVE
- CNNVD Published: 2025-06-13
Description (Chinese)
Dell ControlVault3和Dell ControlVault3 Plus都是美国戴尔(Dell)公司的一款基于硬件的安全解决方案。 Dell ControlVault3 5.15.10.14之前版本和Dell ControlVault3 Plus 6.2.26.36之前版本存在代码问题漏洞,该漏洞源于cvhDecapsulateCmd功能存在反序列化漏洞,可能导致执行任意代码。
Description (English)
Dell ControlVault3 and Dell ControlVault3 Plus are both hardware-based security solutions for Dell in the United States. Before Dell ControlVault 3 5.15.10.14 and Dell ControlVault 3 Plus 6.2.26.36, there was a code gap, which stemmed from a back-serialization gap in the cvhDecapsulateCmd function, which could lead to the implementation of any code.
Hazard Level
Medium
Vulnerability Type
代码问题
Affected Vendor
戴尔
Published
2025-06-13
Last Modified
2026-02-24
References
https://www.dell.com/support/kbdoc/en-us/000276106/dsa-2025-053 https://access.redhat.com/security/cve/cve-2025-24919
Patch
https://www.dell.com/support/kbdoc/en-us/000276106/dsa-2025-053
Share on: