PT-2025-15892 · Dell · Dell Powerscale Onefs

CVE-2025-27690

·

Published

2025-04-07

·

Updated

2025-07-11

CVSS v2.0

10

Critical

VectorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Dell PowerScale OneFS versions 9.5.0.0 through 9.10.1.0
Description: The issue is related to a use of default password vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to the takeover of a high privileged user account.
Recommendations: For versions 9.5.0.0 through 9.10.1.0, update the system to change the default password and ensure that all accounts have strong, unique passwords to prevent unauthorized access. As a temporary workaround, consider restricting remote access to the system until a patch is available. Restrict access to high privileged user accounts to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

BDU:2025-04532
CVE-2025-27690

Affected Products

Dell Powerscale Onefs