PT-2025-25445 · Dell · Dell Controlvault3 Plus+1
Philippe Laulheret
·
Published
2025-06-13
·
Updated
2025-08-08
·
CVE-2025-24311
CVSS v3.1
8.4
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Dell ControlVault3 versions prior to 5.15.10.14
Dell ControlVault3 Plus versions prior to 6.2.26.36
Description
An out-of-bounds read vulnerability exists in the
cv send blockdata functionality. A specially crafted ControlVault API call can lead to an information leak. An attacker can issue an API call to trigger this vulnerability.Recommendations
Dell ControlVault3 versions prior to 5.15.10.14: Upgrade to version 5.15.10.14 or later.
Dell ControlVault3 Plus versions prior to 6.2.26.36: Upgrade to version 6.2.26.36 or later.
Fix
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Dell Controlvault3
Dell Controlvault3 Plus