CNNVD-202511-1847 Information
CNNVD ID
CNNVD-202511-1847
Related CVE
- CNNVD Published: 2025-11-17
Description (Chinese)
Dell ControlVault3和Dell ControlVault3 Plus都是美国戴尔(Dell)公司的一款基于硬件的安全解决方案。 Dell ControlVault3 5.15.14.19之前版本和Dell ControlVault3 Plus 6.2.36.47之前版本存在安全漏洞,该漏洞源于ControlVault WBDI Driver WBIO_USH_ADD_RECORD功能存在权限提升漏洞,可能导致权限提升。
Description (English)
Dell ControlVault3 and Dell ControlVault3 Plus are both hardware-based security solutions for Dell in the United States. There is a security loophole in the pre-Dell ControlVault 3 5.15.14.19 and the pre-Dell ControlVault 3 Plus 6.2.36.47, which stems from the fact that there is a power-enhancing loophole in the ControVault WBDI Driver WBIO USH ADD RECORD function, which may lead to an increase in authority.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
戴尔
Published
2025-11-17
Last Modified
2026-02-24
References
https://talosintelligence.com/vulnerability_reports/TALOS-2025-2174 https://www.dell.com/support/kbdoc/en-us/000326061/dsa-2025-228 https://access.redhat.com/security/cve/cve-2025-31361
Patch
https://www.dell.com/support/kbdoc/en-us/000326061/dsa-2025-228
Share on: