CNNVD-202511-1844 Information
CNNVD ID
CNNVD-202511-1844
Related CVE
- CNNVD Published: 2025-11-17
Description (Chinese)
Dell ControlVault3和Dell ControlVault3 Plus都是美国戴尔(Dell)公司的一款基于硬件的安全解决方案。 Dell ControlVault3 5.15.14.19之前版本和Dell ControlVault3 Plus 6.2.36.47之前版本存在安全漏洞,该漏洞源于ControlVault WBDI Driver Broadcom Storage Adapter功能存在越界读写漏洞,可能导致内存损坏。
Description (English)
Dell ControlVault3 and Dell ControlVault3 Plus are both hardware-based security solutions for Dell in the United States. There is a security loophole in the pre-Dell ControlVault 3 5.15.14.19 and the pre-Dell ControlVault 3 Plus 6.2.36.47, which stems from a cross-border reading and writing gap in the function of ContractorVault WBDI Driver Broadcom Corporation Adapter, which may result in memory damage.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
戴尔
Published
2025-11-17
Last Modified
2026-02-24
References
https://talosintelligence.com/vulnerability_reports/TALOS-2025-2175 https://www.dell.com/support/kbdoc/en-us/000326061/dsa-2025-228 https://access.redhat.com/security/cve/cve-2025-36460
Patch
https://www.dell.com/support/kbdoc/en-us/000326061/dsa-2025-228
Share on: