CVE-2025-36572

Name of the Vulnerable Software and Affected Versions Dell PowerStore version 4.0.0.0

Description The issue concerns the use of hard-coded credentials in the PowerStore image file. A low-privileged attacker with remote access and knowledge of these credentials could exploit this to gain unauthorized access based on the hardcoded account's privileges.

Recommendations For version 4.0.0.0, consider changing the hard-coded credentials to unique, strong passwords to prevent unauthorized access. As a temporary workaround, restrict remote access to the PowerStore image file until a patch is available.